CVE-2015-8039

EUVD-2015-7932
Samsung SmartViewer allows remote attackers to execute arbitrary code via unspecified vectors to the (1) DVRSetupSave method in the STWAxConfig control or (2) SendCustomPacket method in the STWAxConfigNVR control, which trigger an untrusted pointer dereference.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
6.8 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: 83%
Affected Products (NVD)
VendorProductVersion
samsungsmartviewer
-
𝑥
= Vulnerable software versions
References
http://www.securityfocus.com/bid/77079
http://www.zerodayinitiative.com/advisories/ZDI-15-462
http://www.zerodayinitiative.com/advisories/ZDI-15-463
http://www.securityfocus.com/bid/77079
http://www.zerodayinitiative.com/advisories/ZDI-15-462
http://www.zerodayinitiative.com/advisories/ZDI-15-463