Samsung iPOLiS Device Manager before 1.8.7 allow remote attackers to execute arbitrary code via unspecified values to the (1) Start, (2) ChangeControlLocalName, (3) DeleteDeviceProfile, (4) FrameAdvanceReader, or other unknown method in the XNSSDKDEVICE.XnsSdkDeviceCtrlForIpInstaller.1 ActiveX control.
References
Configurations
History
No history.
Information
Published : 2014-06-11 14:55
Updated : 2024-02-28 12:20
NVD link : CVE-2014-3911
Mitre link : CVE-2014-3911
CVE.ORG link : CVE-2014-3911
JSON object : View
Products Affected
samsung
- ipolis_device_manager
CWE
CWE-94
Improper Control of Generation of Code ('Code Injection')