Lucene search
+L

1396 matches found

Prion
Prion
added 2007/09/10 9:17 p.m.17 views

Directory traversal

Sony Micro Vault Fingerprint Access Software, as distributed with Sony Micro Vault USM-F USB flash drives, installs a driver that hides a directory under %WINDIR%, which might allow remote attackers to bypass malware detection by placing files in this directory...

6.8CVSS7.2AI score0.01857EPSS
Exploits0References10
CVE
CVE
added 2007/09/10 9:0 p.m.43 views

CVE-2007-4785

CVE-2007-4785 concerns Sony Micro Vault Fingerprint Access Software shipped with Sony Micro Vault USM-F USB drives. The vulnerability arises from a driver that hides a directory under %WINDIR%, which could allow a remote attacker to bypass malware detection by placing files in that hidden directo...

6.8CVSS6.7AI score0.01857EPSS
Exploits0References10Affected Software1
Cvelist
Cvelist
added 2007/09/10 9:0 p.m.27 views

CVE-2007-4785

Sony Micro Vault Fingerprint Access Software, as distributed with Sony Micro Vault USM-F USB flash drives, installs a driver that hides a directory under %WINDIR%, which might allow remote attackers to bypass malware detection by placing files in this directory...

6.6AI score0.01857EPSS
Exploits0References10
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2007/09/07 12:0 a.m.17 views

JVN#35677737 Fingerprint Authentication Software for Sony Pocket Bit installs hidden folders and files

Some models of Sony Pocket Bit series contain Fingerprint Authentication Software. Fingerprint Authentication Software installs hidden folders and files, that is, the folders and files are not visible using ordinary system tools. Impact A remote attacker could use hidden folders for unintended...

7AI score
Exploits0
myhack58
myhack58
added 2007/08/30 12:0 a.m.53 views

Overwrite the SEH overflow exploit detection ideas-vulnerability warning-the black bar safety net

See Security focus on a review of the stack-based fingerprint detecting a buffer overflow of some ideas, which is in the ShellCode is already running in its call stackis Hook the sub calls the function LoadLibraryis detected, some use an overflow overwriting the SEH Handler, and then any programs...

0.2AI score
Exploits0
securityvulns
securityvulns
added 2006/10/04 12:0 a.m.30 views

Security flaw in IBM Client Security Password Manager

Hello all, I recently found a security flaw in the design of the IBM Client Security Password Manager an application used to authenticate application forms using fingerprints. It came to my attention that the application only recognized my e-bank site and authed against it if i had just created a...

0.2AI score
Exploits0
UbuntuCve
UbuntuCve
added 2006/07/07 12:5 a.m.29 views

CVE-2006-3418

Tor before 0.1.1.20 does not validate that a server descriptor's fingerprint line matches its identity key, which allows remote attackers to spoof the fingerprint line, which might be trusted by users or other applications...

5CVSS5.9AI score0.02097EPSS
Exploits0References1
OSV
OSV
added 2006/07/07 12:5 a.m.10 views

CVE-2006-3418

Tor before 0.1.1.20 does not validate that a server descriptor's fingerprint line matches its identity key, which allows remote attackers to spoof the fingerprint line, which might be trusted by users or other applications...

6.9AI score
Exploits0References5
OSV
OSV
added 2006/07/07 12:5 a.m.4 views

DEBIAN-CVE-2006-3418

Tor before 0.1.1.20 does not validate that a server descriptor's fingerprint line matches its identity key, which allows remote attackers to spoof the fingerprint line, which might be trusted by users or other applications...

5CVSS6.9AI score0.02097EPSS
Exploits0References1
Cvelist
Cvelist
added 2006/07/07 12:0 a.m.19 views

CVE-2006-3418

Tor before 0.1.1.20 does not validate that a server descriptor's fingerprint line matches its identity key, which allows remote attackers to spoof the fingerprint line, which might be trusted by users or other applications...

6.6AI score0.02097EPSS
Exploits0References4
CVE
CVE
added 2006/07/07 12:0 a.m.44 views

CVE-2006-3418

CVE-2006-3418 concerns Tor before 0.1.1.20, where the server descriptor fingerprint line is not validated against its identity key. This allows remote attackers to spoof the fingerprint line, which might be trusted by users or other applications. The connected documents corroborate the same descr...

5CVSS6.6AI score0.02097EPSS
Exploits0References4Affected Software1
Debian CVE
Debian CVE
added 2006/07/07 12:0 a.m.32 views

CVE-2006-3418

Tor before 0.1.1.20 does not validate that a server descriptor's fingerprint line matches its identity key, which allows remote attackers to spoof the fingerprint line, which might be trusted by users or other applications...

5CVSS4.2AI score0.02097EPSS
Exploits0
CVE
CVE
added 2005/06/21 4:0 a.m.77 views

CVE-2001-1503

Vulnerability: The finger daemon (in.fingerd) in Sun Solaris 2.5–8 and SunOS 5.5–5.8 allows remote attackers to list all user accounts by sending a crafted finger request (e.g., finger 'a b c d e f g h'@host). Affects multiple Solaris releases; impact is limited to information disclosure of accou...

2.1CVSS6.5AI score0.00764EPSS
Exploits0References4Affected Software2
Exploit DB
Exploit DB
added 2004/12/07 12:0 a.m.101 views

MD5 - Message Digest Algorithm Hash Collision

source: https://www.securityfocus.com/bid/11849/info The MD5 algorithm is reported prone to a hash collision weakness. This weakness reportedly allows attackers to create multiple, differing input sources that, when the MD5 algorithm is used, result in the same output fingerprint. It has been...

7AI score
Exploits0
security_vulns
security_vulns
added 2002/05/14 12:0 a.m.26 views

Special device access and DoS in Microsoft Internet Exporer

Title: special device access and DoS in Microsoft Internet Exporer/Outlook Express/Outlook Authors: ERRor, 3APA3A Date: May, 14 2002 Affected: Internet Explorer 6.0 Vendor: Microsoft Risk: Average to high Remote: Yes Exploitable: Yes Vendor notified: April, 24 2002 Intro: All versions of Windows...

0.2AI score
Exploits0
Exploit DB
Exploit DB
added 2002/03/22 12:0 a.m.19 views

WorkforceROI Xpede 4.1/7.0 - Weak Password Encryption

source: https://www.securityfocus.com/bid/4344/info An issue has been reported in Xpede, which could lead to a compromise of user authentication information. Reportedly, Xpede cookies containing username and password data is stored using a weak encryption method. Therefore if a user obtains acces...

7.4AI score
Exploits0
Rows per page
Query Builder