Summary
| Detail | |||
|---|---|---|---|
| Vendor | Samsung | First view | 2016-02-07 |
| Product | x14j Firmware | Last view | 2017-03-23 |
| Version | t-ms14jakucb-1102.5 | Type | Os |
| Update | * | ||
| Edition | * | ||
| Language | * | ||
| Sofware Edition | * | ||
| Target Software | * | ||
| Target Hardware | * | ||
| Other | * | ||
| CPE Product | cpe:2.3:o:samsung:x14j_firmware | ||
Activity : Overall
Related : CVE
| Date | Alert | Description | |
|---|---|---|---|
| 9.8 | 2017-03-23 | CVE-2015-5729 | The Soft Access Point (AP) feature in Samsung Smart TVs X10P, X12, X14H, X14J, and NT14U and Xpress M288OFW printers generate weak WPA2 PSK keys, which makes it easier for remote attackers to obtain sensitive information or bypass authentication via a brute-force attack. |
| 9.8 | 2016-04-07 | CVE-2016-0729 | Multiple buffer overflows in (1) internal/XMLReader.cpp, (2) util/XMLURL.cpp, and (3) util/XMLUri.cpp in the XML Parser library in Apache Xerces-C before 3.1.3 allow remote attackers to cause a denial of service (segmentation fault or memory corruption) or possibly execute arbitrary code via a crafted document. |
| 5.9 | 2016-04-06 | CVE-2016-1346 | The kernel in Cisco TelePresence Server 3.0 through 4.2(4.18) on Mobility Services Engine (MSE) 8710 devices allows remote attackers to cause a denial of service (panic and reboot) via a crafted sequence of IPv6 packets, aka Bug ID CSCuu46673. |
| 7.5 | 2016-03-25 | CVE-2016-1350 | Cisco IOS 15.3 and 15.4, Cisco IOS XE 3.8 through 3.11, and Cisco Unified Communications Manager allow remote attackers to cause a denial of service (device reload) via malformed SIP messages, aka Bug ID CSCuj23293. |
| 7.5 | 2016-03-25 | CVE-2016-1349 | The Smart Install client implementation in Cisco IOS 12.2, 15.0, and 15.2 and IOS XE 3.2 through 3.7 allows remote attackers to cause a denial of service (device reload) via crafted image list parameters in a Smart Install packet, aka Bug ID CSCuv45410. |
| 7.5 | 2016-03-25 | CVE-2016-1348 | Cisco IOS 15.0 through 15.5 and IOS XE 3.3 through 3.16 allow remote attackers to cause a denial of service (device reload) via a crafted DHCPv6 Relay message, aka Bug ID CSCus55821. |
| 5.9 | 2016-03-25 | CVE-2016-1344 | The IKEv2 implementation in Cisco IOS 15.0 through 15.6 and IOS XE 3.3 through 3.17 allows remote attackers to cause a denial of service (device reload) via fragmented packets, aka Bug ID CSCux38417. |
| 8.8 | 2016-03-12 | CVE-2016-1010 | Integer overflow in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0963 and CVE-2016-0993. |
| 8.8 | 2016-03-12 | CVE-2016-1005 | Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (uninitialized pointer dereference and memory corruption) via crafted MPEG-4 data, a different vulnerability than CVE-2016-0960, CVE-2016-0961, CVE-2016-0962, CVE-2016-0986, CVE-2016-0989, CVE-2016-0992, and CVE-2016-1002. |
| 8.8 | 2016-03-12 | CVE-2016-1002 | Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0960, CVE-2016-0961, CVE-2016-0962, CVE-2016-0986, CVE-2016-0989, CVE-2016-0992, and CVE-2016-1005. |
| 8.8 | 2016-03-12 | CVE-2016-1001 | Heap-based buffer overflow in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors. |
| 8.8 | 2016-03-12 | CVE-2016-1000 | Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, and CVE-2016-0999. |
| 8.8 | 2016-03-12 | CVE-2016-0999 | Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, and CVE-2016-1000. |
| 8.8 | 2016-03-12 | CVE-2016-0998 | Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0999, and CVE-2016-1000. |
| 8.8 | 2016-03-12 | CVE-2016-0997 | Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000. |
| 8.8 | 2016-03-12 | CVE-2016-0996 | Use-after-free vulnerability in the setInterval method in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via crafted arguments, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000. |
| 8.8 | 2016-03-12 | CVE-2016-0995 | Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000. |
| 8.8 | 2016-03-12 | CVE-2016-0994 | Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code by using the actionCallMethod opcode with crafted arguments, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000. |
| 8.8 | 2016-03-12 | CVE-2016-0993 | Integer overflow in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0963 and CVE-2016-1010. |
| 8.8 | 2016-03-12 | CVE-2016-0992 | Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0960, CVE-2016-0961, CVE-2016-0962, CVE-2016-0986, CVE-2016-0989, CVE-2016-1002, and CVE-2016-1005. |
| 8.8 | 2016-03-12 | CVE-2016-0991 | Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000. |
| 8.8 | 2016-03-12 | CVE-2016-0990 | Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000. |
| 8.8 | 2016-03-12 | CVE-2016-0989 | Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0960, CVE-2016-0961, CVE-2016-0962, CVE-2016-0986, CVE-2016-0992, CVE-2016-1002, and CVE-2016-1005. |
| 8.8 | 2016-03-12 | CVE-2016-0988 | Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000. |
| 8.8 | 2016-03-12 | CVE-2016-0987 | Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000. |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 32% (11) | CWE-416 | Use After Free |
| 23% (8) | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
| 17% (6) | CWE-399 | Resource Management Errors |
| 8% (3) | CWE-190 | Integer Overflow or Wraparound |
| 5% (2) | CWE-200 | Information Exposure |
| 2% (1) | CWE-787 | Out-of-bounds Write |
| 2% (1) | CWE-287 | Improper Authentication |
| 2% (1) | CWE-284 | Access Control (Authorization) Issues |
| 2% (1) | CWE-89 | Improper Sanitization of Special Elements used in an SQL Command ('... |
Snort® IPS/IDS
| Date | Description |
|---|---|
| 2019-09-24 | Adobe Flash Player malformed ATF heap overflow attempt RuleID : 51226 - Type : FILE-FLASH - Revision : 1 |
| 2019-09-24 | Adobe Flash Player malformed ATF heap overflow attempt RuleID : 51225 - Type : FILE-FLASH - Revision : 1 |
| 2016-08-18 | Adobe Flash Player swapDepths use after free attempt RuleID : 39652 - Type : FILE-FLASH - Revision : 2 |
| 2016-08-18 | Adobe Flash Player swapDepths use after free attempt RuleID : 39651 - Type : FILE-FLASH - Revision : 2 |
| 2016-07-19 | Adobe Flash Player malformed ATF heap overflow attempt RuleID : 39274 - Type : FILE-FLASH - Revision : 8 |
| 2016-07-19 | Adobe Flash Player malformed ATF heap overflow attempt RuleID : 39273 - Type : FILE-FLASH - Revision : 8 |
| 2016-04-14 | Adobe Flash Player rectangle width integer overflow attempt RuleID : 38241 - Type : FILE-FLASH - Revision : 3 |
| 2016-04-14 | Adobe Flash Player rectangle width integer overflow attempt RuleID : 38240 - Type : FILE-FLASH - Revision : 2 |
| 2016-04-14 | Adobe Flash Player rectangle width integer overflow attempt RuleID : 38239 - Type : FILE-FLASH - Revision : 3 |
| 2016-04-14 | Adobe Flash Player rectangle width integer overflow attempt RuleID : 38238 - Type : FILE-FLASH - Revision : 2 |
| 2016-04-12 | Adobe Flash Player mp4 size memory corruption attempt RuleID : 38227 - Type : FILE-FLASH - Revision : 5 |
| 2016-04-12 | Adobe Flash Player invalid FLV header out of bounds write attempt RuleID : 38226 - Type : FILE-FLASH - Revision : 5 |
| 2016-04-12 | Adobe Flash Player invalid FLV header out of bounds write attempt RuleID : 38225 - Type : FILE-FLASH - Revision : 5 |
| 2016-04-12 | Adobe Flash Player use after free attempt RuleID : 38222 - Type : FILE-FLASH - Revision : 2 |
| 2016-04-12 | Adobe Flash Player use after free attempt RuleID : 38221 - Type : FILE-FLASH - Revision : 2 |
| 2016-04-12 | Adobe Flash Player use after free RuleID : 38220 - Type : FILE-FLASH - Revision : 3 |
| 2016-04-12 | Adobe Flash Player use after free attempt RuleID : 38219 - Type : FILE-FLASH - Revision : 3 |
| 2016-04-12 | Adobe Flash Player BitmapData.paletteMap size mismatch integer overflow attempt RuleID : 38216 - Type : FILE-FLASH - Revision : 3 |
| 2016-04-12 | Adobe Flash Player BitmapData.paletteMap size mismatch integer overflow attempt RuleID : 38215 - Type : FILE-FLASH - Revision : 3 |
| 2016-04-12 | Adobe Flash Player BitmapData.paletteMap size mismatch integer overflow attempt RuleID : 38214 - Type : FILE-FLASH - Revision : 2 |
| 2016-04-12 | Adobe Flash Player BitmapData.paletteMap size mismatch integer overflow attempt RuleID : 38213 - Type : FILE-FLASH - Revision : 2 |
| 2016-04-12 | Adobe Flash Player BitmapData.applyFilter access violation attempt RuleID : 38204 - Type : FILE-FLASH - Revision : 3 |
| 2016-04-12 | Adobe Flash Player BitmapData.applyFilter access violation attempt RuleID : 38203 - Type : FILE-FLASH - Revision : 3 |
| 2016-04-12 | Adobe Flash Player BitmapData.copyChannel access violation attempt RuleID : 38200 - Type : FILE-FLASH - Revision : 2 |
| 2016-04-12 | Adobe Flash Player BitmapData.copyChannel access violation attempt RuleID : 38199 - Type : FILE-FLASH - Revision : 2 |
Nessus® Vulnerability Scanner
| id | Description |
|---|---|
| 2017-05-01 | Name: The remote EulerOS host is missing a security update. File: EulerOS_SA-2016-1004.nasl - Type: ACT_GATHER_INFO |
| 2016-12-27 | Name: The remote Gentoo host is missing one or more security-related patches. File: gentoo_GLSA-201612-46.nasl - Type: ACT_GATHER_INFO |
| 2016-10-26 | Name: The remote SUSE host is missing one or more security updates. File: suse_SU-2016-2550-1.nasl - Type: ACT_GATHER_INFO |
| 2016-10-26 | Name: The remote SUSE host is missing one or more security updates. File: suse_SU-2016-2532-1.nasl - Type: ACT_GATHER_INFO |
| 2016-09-26 | Name: The remote openSUSE host is missing a security update. File: openSUSE-2016-1118.nasl - Type: ACT_GATHER_INFO |
| 2016-09-26 | Name: The remote openSUSE host is missing a security update. File: openSUSE-2016-1117.nasl - Type: ACT_GATHER_INFO |
| 2016-09-12 | Name: The remote Slackware host is missing a security update. File: Slackware_SSA_2016-254-02.nasl - Type: ACT_GATHER_INFO |
| 2016-07-18 | Name: The remote openSUSE host is missing a security update. File: openSUSE-2016-876.nasl - Type: ACT_GATHER_INFO |
| 2016-07-15 | Name: The remote Fedora host is missing a security update. File: fedora_2016-87e8468465.nasl - Type: ACT_GATHER_INFO |
| 2016-07-15 | Name: The remote Fedora host is missing a security update. File: fedora_2016-7615febbd6.nasl - Type: ACT_GATHER_INFO |
| 2016-07-15 | Name: The remote Fedora host is missing a security update. File: fedora_2016-0a061f6dd9.nasl - Type: ACT_GATHER_INFO |
| 2016-04-22 | Name: The remote openSUSE host is missing a security update. File: openSUSE-2016-499.nasl - Type: ACT_GATHER_INFO |
| 2016-04-22 | Name: The remote Fedora host is missing a security update. File: fedora_2016-880b91c090.nasl - Type: ACT_GATHER_INFO |
| 2016-04-15 | Name: The remote SUSE host is missing one or more security updates. File: suse_SU-2016-1026-1.nasl - Type: ACT_GATHER_INFO |
| 2016-04-15 | Name: The remote host is affected by a denial of service vulnerability. File: cisco_telepresence_server_cisco-sa-20160406-cts.nasl - Type: ACT_GATHER_INFO |
| 2016-04-14 | Name: The remote Fedora host is missing a security update. File: fedora_2016-ae9ac16cf3.nasl - Type: ACT_GATHER_INFO |
| 2016-04-13 | Name: The remote Fedora host is missing a security update. File: fedora_2016-9ff972ca42.nasl - Type: ACT_GATHER_INFO |
| 2016-04-08 | Name: The remote openSUSE host is missing a security update. File: openSUSE-2016-429.nasl - Type: ACT_GATHER_INFO |
| 2016-04-06 | Name: The remote device is missing a vendor-supplied security patch. File: cisco-sa-20160323-smi-iosxe.nasl - Type: ACT_GATHER_INFO |
| 2016-04-06 | Name: The remote device is missing a vendor-supplied security patch. File: cisco-sa-20160323-smi-ios.nasl - Type: ACT_GATHER_INFO |
| 2016-04-06 | Name: The remote device is missing a vendor-supplied security patch. File: cisco-sa-20160323-ikev2-iosxe.nasl - Type: ACT_GATHER_INFO |
| 2016-04-06 | Name: The remote device is missing a vendor-supplied security patch. File: cisco-sa-20160323-ikev2-ios.nasl - Type: ACT_GATHER_INFO |
| 2016-04-06 | Name: The remote device is missing a vendor-supplied security patch. File: cisco-sa-20160323-dhcpv6-iosxe.nasl - Type: ACT_GATHER_INFO |
| 2016-04-06 | Name: The remote device is missing a vendor-supplied security patch. File: cisco-sa-20160323-dhcpv6-ios.nasl - Type: ACT_GATHER_INFO |
| 2016-04-01 | Name: The remote device is affected by denial of service vulnerability. File: cisco-sa-20160323-sip-ios.nasl - Type: ACT_GATHER_INFO |
