Vulnerabilities > Samsung > Smart Viewer
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2014-12-08 | CVE-2014-9266 | Code Injection vulnerability in Samsung Smart Viewer The STWConfig ActiveX control in Samsung SmartViewer does not properly initialize a variable, which allows remote attackers to execute arbitrary code via unspecified vectors. | 6.8 |
2013-08-28 | CVE-2013-3586 | Improper Authentication vulnerability in Samsung DVR and Smart Viewer Samsung Web Viewer for Samsung DVR devices allows remote attackers to bypass authentication via an arbitrary SessionID value in a cookie. | 7.6 |
2013-08-28 | CVE-2013-3585 | Credentials Management vulnerability in Samsung Smart Viewer Samsung Web Viewer for Samsung DVR devices stores credentials in cleartext, which allows context-dependent attackers to obtain sensitive information via vectors involving (1) direct access to a file or (2) the user-setup web page. | 5.0 |