Remote Code Execution in Samsung KIES via MASetupCaller ActiveX Control
The MASetupCaller ActiveX control, in MASetupCaller.dll, before version 1.4.2012.508, is part of MarkAny ContentSAFER. It is included in Samsung KIES before version 2.3.2.12074_13_13. This control does not correctly implement some methods. This lets remote attackers download any program onto a client machine. They can then run the downloaded program using a specially made HTML document.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
samsung kies |