Signature Detail
This site is deprecated. Please CLICK HERE for latest updates
Short Name |
HTTP:STC:ACTIVEX:SAMSNG-KIES |
|---|---|
Severity |
Minor |
Recommended |
No |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
Samsung Kies Unsafe ActiveX Control Buffer Overflow |
Release Date |
2013/01/17 |
Update Number |
2226 |
Supported Platforms |
di-5.3+, idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
HTTP: Samsung Kies Unsafe ActiveX Control Buffer Overflow
This signature detects attempts to use unsafe ActiveX controls in Samsung Kies. An attacker can create a malicious Web site containing Web pages with dangerous ActiveX controls, which if accessed by a victim, allows the attacker to gain control of the victim's client browser.
Extended Description
Buffer overflow in the PrepareSync method in the SyncService.dll ActiveX control in Samsung Kies before 2.5.1.12123_2_7 allows remote attackers to execute arbitrary code via a long string to the password argument.
Affected Products
- Samsung kies 2.5.0.12114_1
References
- BugTraq: 57249
- CVE: CVE-2012-6429