47 matches found
CVE-2017-9831
An integer overflow vulnerability in the ptpunpackEOSCustomFuncEx function of the ptp-pack.c file of libmtp version 1.1.12 and below allows attackers to cause a denial of service out-of-bounds memory access or maybe remote code execution by inserting a mobile device into a personal computer throu...
Integer overflow
An integer overflow vulnerability in ptp-pack.c ptpunpackOPL function of libmtp version 1.1.12 and below allows attackers to cause a denial of service out-of-bounds memory access or maybe remote code execution by inserting a mobile device into a personal computer through a USB cable...
DualToy Windows Trojan Attacks Android, iOS Devices
A Windows Trojan called DualToy has been discovered that can side load malicious apps onto Android and iOS devices via a USB connection from an infected computer. Researchers from Palo Alto Networks said DualToy has been in existence since January 2015, and it originally was limited to installing...
CVE-2014-2388
The Storage and Access service in BlackBerry OS 10.x before 10.2.1.1925 on Q5, Q10, Z10, and Z30 devices does not enforce the password requirement for SMB filesystem access, which allows context-dependent attackers to read arbitrary files via 1 a session over a Wi-Fi network or 2 a session over a...
BlackBerry PlayBook Tablet Samba文件共享远程代码执行漏洞
BUGTRAQ ID: 52103 Playbook是一款由黑莓手机厂商RIM研制的平板电脑。它突出游戏、媒体发布和协作功能。 BlackBerry PlayBook在畸形Samba服务的实现上存在远程代码执行漏洞,攻击者可通过Wi-Fi网络或物理接触USB连接计算机利用此漏洞以管理者权限执行任意代码,造成完全控制受影响计算机。 0 BlackBerry PlayBook Tablet Software 1.0.8.6067 BlackBerry PlayBook Tablet Software 1.0.5.2304 BlackBerry PlayBook Tablet Software...
Code injection
Microsoft ActiveSync 4.1, as used in Windows Mobile 5.0, uses weak encryption XOR obfuscation with a fixed key when sending the user's PIN/Password over the USB connection from the host to the device, which might make it easier for attackers to decode a PIN/Password obtained by 1 sniffing or 2...
CVE-2007-5460
Microsoft ActiveSync 4.1, as used in Windows Mobile 5.0, uses weak encryption XOR obfuscation with a fixed key when sending the user's PIN/Password over the USB connection from the host to the device, which might make it easier for attackers to decode a PIN/Password obtained by 1 sniffing or 2...