What is CVE-2012-4333?

CVE-2012-4333 is a vulnerability in Samsung Net-i_viewer, classified under Improper Restriction of Operations within the Bounds of a Memory Buffer. Published 2012-08-14.

Is CVE-2012-4333 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Buffer overflow in Samsung Net-i_viewer

CVE-2012-4333

Multiple stack-based buffer overflows in the BackupToAvi method in the (1) UMS_Ctrl 1.5.1.1 and (2) UMS_Ctrl_STW 2.0.1.0 ActiveX controls in Samsung NET-i viewer 1.37.120316 allow remote attackers to execute arbitrary code via a long strin…

Vulnerability class: Buffer Overflow

EPSS: 0.694 (98.7th percentile) — read the EPSS interpretation.

Affected products

Samsung Net-i_viewer — versions 1.37.120316
N/a — versions n/a

Weakness classification (CWE)

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer

Public proof-of-concept exploits

rapid7/metasploit-framework

References

18765 (Exploit, exploit, x_refsource_EXPLOIT-DB)
53193 (Exploit, vdb-entry, x_refsource_BID)
48966 (x_refsource_SECUNIA, third-party-advisory, Vendor Advisory)
netiware-activex-control-bo(75070) (vdb-entry, x_refsource_XF)

Frequently asked questions

What is CVE-2012-4333?: CVE-2012-4333 is a vulnerability in Samsung Net-i_viewer, classified under Improper Restriction of Operations within the Bounds of a Memory Buffer. Published 2012-08-14.
Is CVE-2012-4333 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.