Intrusion Prevention

Samsung.NETi.Viewer.ActiveX.BackupToAvi.Buffer.Overflow

Description

This indicates a possible attempt to exploit a Buffer Overflow vulnerability in Samsung NET-i ware ActiveX control.
The vulnerability, which is located in the "CNC_Ctrl.dll" ActiveX control, can be exploited through misuse of the vulnerable method "BackupToAvi". An attacker can trick an unsuspecting user into visiting a malicious webpage and execute arbitrary code within the context of the application.

Affected Products

Samsung NET-i ware 1.37
Samsung NET-i viewer 1.37

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Currently we are not aware of any vendor supplied patch for this issue.