Lucene search

[email protected]CVE-2012-4334

HistoryAug 14, 2012 - 10:55 p.m.

CVE-2012-4334

2012-08-1422:55:02

[email protected]

web.nvd.nist.gov

cve-2012-4334

stwconfignvr

stwconfig

activex controls

samsung net-i viewer

remote code execution

security vulnerability

connectddns

nvd

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

8 High

AI Score

Confidence

Low

0.053 Low

EPSS

Percentile

93.1%

JSON

The ConnectDDNS method in the (1) STWConfigNVR 1.1.13.15 and (2) STWConfig 1.1.14.13 ActiveX controls in Samsung NET-i viewer 1.37.120316 allows remote attackers to execute arbitrary code via unspecified vectors. NOTE: some of these details are obtained from third party information.

Affected configurations

NVD

Node

samsungnet-i_viewerMatch1.37.120316

CPENameOperatorVersion
samsung:net-i_viewersamsung net-i viewereq1.37.120316

CPE	Name	Operator	Version
samsung:net-i_viewer	samsung net-i viewer	eq	1.37.120316

References

secunia.com/advisories/48965

www.exploit-db.com/exploits/18765

www.securityfocus.com/bid/53193

exchange.xforce.ibmcloud.com/vulnerabilities/75069

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

8 High

AI Score

Confidence

Low

0.053 Low

EPSS

Percentile

93.1%

JSON

Related for CVE-2012-4334

prion1 cvelist1 nvd1