CVE-2015-8039

Samsung SmartViewer allows remote attackers to execute arbitrary code via unspecified vectors to the (1) DVRSetupSave method in the STWAxConfig control or (2) SendCustomPacket method in the STWAxConfigNVR control, which trigger an untrusted pointer dereference.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6.8 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:P
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 85%
VendorProductVersion
samsungsmartviewer
-
𝑥
= Vulnerable software versions
References
http://www.securityfocus.com/bid/77079
http://www.zerodayinitiative.com/advisories/ZDI-15-462
http://www.zerodayinitiative.com/advisories/ZDI-15-463
http://www.securityfocus.com/bid/77079
http://www.zerodayinitiative.com/advisories/ZDI-15-462
http://www.zerodayinitiative.com/advisories/ZDI-15-463