57 matches found
SUSE CVE-2020-6378
Use after free in speech in Google Chrome prior to 79.0.3945.130 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
SUSE CVE-2020-6505
Use after free in speech in Google Chrome prior to 83.0.4103.106 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page...
Google Assistant Authentication Bypass Vulnerability
Google Assistant suffered from an authentication bypass vulnerability allowing a webpage to execute commands without permission. Auth Bypass in Google Assistant Summary: Webpage can execute Google Assistant commands without any permissions Steps to reproduce: Generate the TTS audio files using th...
'Lamphone' Hack Uses Lightbulb Vibrations to Eavesdrop on Homes
Researchers have discovered a novel way to spy on conversations that are happening in houses from almost a hundred feet away. The hack stems simply from a lightbulb hanging in the home. The hack, dubbed “lamphone,” is performed by analyzing the tiny vibrations of a hanging lightbulb, which are...
UBUNTU-CVE-2020-6386
Use after free in speech in Google Chrome prior to 80.0.3987.116 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
CVE-2019-0985
A remote code execution vulnerability exists when the Microsoft Speech API SAPI improperly handles text-to-speech TTS input. The vulnerability could corrupt memory in a way that enables an attacker to execute arbitrary code in the context of the current user. To exploit the vulnerability, an...
CVE-2019-0985
A remote code execution vulnerability exists when the Microsoft Speech API SAPI improperly handles text-to-speech TTS input. The vulnerability could corrupt memory in a way that enables an attacker to execute arbitrary code in the context of the current user. To exploit the vulnerability, an...
Remote code execution
A remote code execution vulnerability exists when the Microsoft Speech API SAPI improperly handles text-to-speech TTS input, aka 'Microsoft Speech API Remote Code Execution Vulnerability'...
CVE-2019-0985
CVE-2019-0985 is a remote code execution vulnerability in Microsoft Speech API (SAPI) triggered by text-to-speech input. The issue arises when TTS content invoked via scripting is processed in memory, potentially allowing arbitrary code execution in the context of the current user. How it is expl...
CVE-2019-0985 Microsoft Speech API Remote Code Execution Vulnerability
...
Microsoft Windows Multiple Vulnerabilities (KB4503292)
This host is missing a critical security update according to Microsoft KB4503292 Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This progra...
Microsoft Speech API Remote Code Execution Vulnerability
A remote code execution vulnerability exists when the Microsoft Speech API SAPI improperly handles text-to-speech TTS input. The vulnerability could corrupt memory in a way that enables an attacker to execute arbitrary code in the context of the current user. To exploit the vulnerability, an...
Microsoft Windows Speech API CVE-2019-0985 Remote Code Execution Vulnerability
Description Microsoft Windows Speech API is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of an affected system. Technologies Affected Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems...
KLA11874 Multiple vulnerabilities in Microsoft Products (ESU)
Multiple vulnerabilities were found in Microsoft Products ESU. Malicious users can exploit these vulnerabilities to gain privileges, spoof user interface, execute arbitrary code, obtain sensitive information, bypass security restrictions, cause denial of service. Below is a complete list of...
Microsoft Speech API Remote Code Execution (CVE-2019-0985)
A remote code execution vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
w32-speaking-shellcode
No description provided by source. A null-free shellcode for 32-bit versions of Windows 5.0-7.0 all service packs that uses Microsoft Speech API to say You got pwned! over the speakers. Includes optional code that fixes stack alignment adds 5 bytes and bypasses EAF adds 29 bytes. Features: NULL...
Google Chrome Eavesdropping Exploit Published
The developer of the annyang speech recognition JavaScript library has published exploit code for a bug in Google’s Chrome browser that could allow a malicious website to eavesdrop using a computer’s microphone long after a visitor has left a website. The code disclosure is in response, said...
Stable Channel Update
The Chrome team is excited to announce the promotion of Chrome 25 to the Stable Channel. Chrome 25.0.1364.97 for Windows and Linux, and 25.0.1364.99 for Mac contain a number of new items including: Improvements in managing and securing your extensions Better support for HTML5 time/date inputs...
OllyDbg 2.01 Alpha 2 Tool New Version Download !
"OllyDbg is a 32-bit assembler level analysing debugger for Microsoft® Windows®. Emphasis on binary code analysis makes it particularly useful in cases where source is unavailable." Version 2.01 alpha 2 is an intermediate functional release with many new useful features. The most important novelt...
Windows Speech API - Say "You Got Pwned!"
Causes the target to say "You Got Pwned" via the Windows Speech API This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework =begin https://www.exploit-db.com/sploits/w32-speaking-shellcode.zip Copyright c 2009-2010 Berend-Jan...