1396 matches found
Directory traversal
Sony Micro Vault Fingerprint Access Software, as distributed with Sony Micro Vault USM-F USB flash drives, installs a driver that hides a directory under %WINDIR%, which might allow remote attackers to bypass malware detection by placing files in this directory...
CVE-2007-4785
CVE-2007-4785 concerns Sony Micro Vault Fingerprint Access Software shipped with Sony Micro Vault USM-F USB drives. The vulnerability arises from a driver that hides a directory under %WINDIR%, which could allow a remote attacker to bypass malware detection by placing files in that hidden directo...
CVE-2007-4785
Sony Micro Vault Fingerprint Access Software, as distributed with Sony Micro Vault USM-F USB flash drives, installs a driver that hides a directory under %WINDIR%, which might allow remote attackers to bypass malware detection by placing files in this directory...
JVN#35677737 Fingerprint Authentication Software for Sony Pocket Bit installs hidden folders and files
Some models of Sony Pocket Bit series contain Fingerprint Authentication Software. Fingerprint Authentication Software installs hidden folders and files, that is, the folders and files are not visible using ordinary system tools. Impact A remote attacker could use hidden folders for unintended...
Overwrite the SEH overflow exploit detection ideas-vulnerability warning-the black bar safety net
See Security focus on a review of the stack-based fingerprint detecting a buffer overflow of some ideas, which is in the ShellCode is already running in its call stackis Hook the sub calls the function LoadLibraryis detected, some use an overflow overwriting the SEH Handler, and then any programs...
Security flaw in IBM Client Security Password Manager
Hello all, I recently found a security flaw in the design of the IBM Client Security Password Manager an application used to authenticate application forms using fingerprints. It came to my attention that the application only recognized my e-bank site and authed against it if i had just created a...
CVE-2006-3418
Tor before 0.1.1.20 does not validate that a server descriptor's fingerprint line matches its identity key, which allows remote attackers to spoof the fingerprint line, which might be trusted by users or other applications...
CVE-2006-3418
Tor before 0.1.1.20 does not validate that a server descriptor's fingerprint line matches its identity key, which allows remote attackers to spoof the fingerprint line, which might be trusted by users or other applications...
DEBIAN-CVE-2006-3418
Tor before 0.1.1.20 does not validate that a server descriptor's fingerprint line matches its identity key, which allows remote attackers to spoof the fingerprint line, which might be trusted by users or other applications...
CVE-2006-3418
Tor before 0.1.1.20 does not validate that a server descriptor's fingerprint line matches its identity key, which allows remote attackers to spoof the fingerprint line, which might be trusted by users or other applications...
CVE-2006-3418
CVE-2006-3418 concerns Tor before 0.1.1.20, where the server descriptor fingerprint line is not validated against its identity key. This allows remote attackers to spoof the fingerprint line, which might be trusted by users or other applications. The connected documents corroborate the same descr...
CVE-2006-3418
Tor before 0.1.1.20 does not validate that a server descriptor's fingerprint line matches its identity key, which allows remote attackers to spoof the fingerprint line, which might be trusted by users or other applications...
CVE-2001-1503
Vulnerability: The finger daemon (in.fingerd) in Sun Solaris 2.5–8 and SunOS 5.5–5.8 allows remote attackers to list all user accounts by sending a crafted finger request (e.g., finger 'a b c d e f g h'@host). Affects multiple Solaris releases; impact is limited to information disclosure of accou...
MD5 - Message Digest Algorithm Hash Collision
source: https://www.securityfocus.com/bid/11849/info The MD5 algorithm is reported prone to a hash collision weakness. This weakness reportedly allows attackers to create multiple, differing input sources that, when the MD5 algorithm is used, result in the same output fingerprint. It has been...
Special device access and DoS in Microsoft Internet Exporer
Title: special device access and DoS in Microsoft Internet Exporer/Outlook Express/Outlook Authors: ERRor, 3APA3A Date: May, 14 2002 Affected: Internet Explorer 6.0 Vendor: Microsoft Risk: Average to high Remote: Yes Exploitable: Yes Vendor notified: April, 24 2002 Intro: All versions of Windows...
WorkforceROI Xpede 4.1/7.0 - Weak Password Encryption
source: https://www.securityfocus.com/bid/4344/info An issue has been reported in Xpede, which could lead to a compromise of user authentication information. Reportedly, Xpede cookies containing username and password data is stored using a weak encryption method. Therefore if a user obtains acces...