CVSS: 5.0EPSS: 1%CPEs: 2EXPL: 1CVE-2012-5859 – Kies Air Denial Of Service / Authorization Bypass
https://notcve.org/view.php?id=CVE-2012-5859
Samsung Kies Air 2.1.207051 and 2.1.210161 allows remote attackers to cause a denial of service (crash) via a crafted request to www/apps/KiesAir/jws/ssd.php. Samsung Kies Air v2.1.207051 y v2.1.210161 permite a atacantes remotos provocar una denegación de servicio (caída) a través de una solicitud modificada a www/apps/KiesAir/TJ/ssd.php. Kies Air suffers from authorization bypass and denial of service vulnerabilities. Android version 4.0.4 build number IMM76D.I747UCALH9 is affected. • http://archives.neohapsis.com/archives/bugtraq/2012-11/0061.html http://packetstormsecurity.org/files/118154/Kies-Air-Denial-Of-Service-Authorization-Bypass.html http://www.securityfocus.com/bid/56560 https://exchange.xforce.ibmcloud.com/vulnerabilities/80091 •
CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 2CVE-2012-5858 – Portable UPnP SDK - 'unique_service_name()' Remote Code Execution
https://notcve.org/view.php?id=CVE-2012-5858
Samsung Kies Air 2.1.207051 and 2.1.210161 relies on the IP address for authentication, which allows remote man-in-the-middle attackers to read arbitrary phone contents by spoofing or controlling the IP address. Samsung Kies Air v2.1.207051 y v2.1.210161 delega la autenticación en la dirección IP, lo que permite a atacantes man-in-the-middle leer contenido arbitrario del teléfono mediante la falsificación o control de la dirección IP. Kies Air suffers from authorization bypass and denial of service vulnerabilities. Android version 4.0.4 build number IMM76D.I747UCALH9 is affected. • https://www.exploit-db.com/exploits/24455 http://archives.neohapsis.com/archives/bugtraq/2012-11/0061.html http://packetstormsecurity.org/files/118154/Kies-Air-Denial-Of-Service-Authorization-Bypass.html http://www.securityfocus.com/bid/56560 https://exchange.xforce.ibmcloud.com/vulnerabilities/80092 • CWE-287: Improper Authentication •