CVE-2012-6429

Samsung Kies < 2.5.0.12114_1 - Memory Corruption

Title source: rule

Description

Buffer overflow in the PrepareSync method in the SyncService.dll ActiveX control in Samsung Kies before 2.5.1.12123_2_7 allows remote attackers to execute arbitrary code via a long string to the password argument.

Exploits (1)

exploitdb WORKING POC VERIFIED

by High-Tech Bridge · htmlremotewindows

https://www.exploit-db.com/exploits/38206

View Code ZIP pw:eip

References (6)

[Exploit] http://archives.neohapsis.com/archives/bugtraq/2013-01/0036.html

[Exploit] http://packetstormsecurity.com/files/119423/Samsung-Kies-2.5.0.12114_1-Buffer-Overflow.html

[Exploit] https://www.htbridge.com/advisory/HTB23136

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/57249

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/81160

[Third Party Advisory, VDB Entry] http://osvdb.org/89118

Scores

EPSS 0.4993

EPSS Percentile 97.8%

Details

CWE

CWE-119

Status published

Products (1)

samsung/kies < 2.5.0.12114_1

Published Apr 04, 2014

Tracked Since Feb 18, 2026