24 matches found
EUVD-2021-17285
Malware in sbrugna...
EUVD-2010-5227
Malware in sbrugna...
CVE-2021-30355
Amazon Kindle e-reader prior to and including version 5.13.4 improperly manages privileges, allowing the framework user to elevate privileges to root...
CVE-2021-30354
Amazon Kindle e-reader prior to and including version 5.13.4 contains an Integer Overflow that leads to a Heap-Based Buffer Overflow in function CJBig2Image::expand and results in a memory corruption that leads to code execution when parsing a crafted PDF book...
CVE-2010-5268
Untrusted search path vulnerability in Amazon Kindle for PC 1.3.0 30884 allows local users to gain privileges via a Trojan horse wintab32.dll file in the current working directory, as demonstrated by a directory that contains a .azw file. NOTE: some of these details are obtained from third party...
CVE-2021-30355
Amazon Kindle e-reader prior to and including version 5.13.4 improperly manages privileges, allowing the framework user to elevate privileges to root...
CVE-2021-30355
Amazon Kindle e-reader prior to and including version 5.13.4 improperly manages privileges, allowing the framework user to elevate privileges to root...
Design/Logic Flaw
Amazon Kindle e-reader prior to and including version 5.13.4 improperly manages privileges, allowing the framework user to elevate privileges to root...
CVE-2021-30354
Amazon Kindle e-reader prior to and including version 5.13.4 contains an Integer Overflow that leads to a Heap-Based Buffer Overflow in function CJBig2Image::expand and results in a memory corruption that leads to code execution when parsing a crafted PDF book...
CVE-2021-30355
Amazon Kindle e-reader prior to and including version 5.13.4 improperly manages privileges, allowing the framework user to elevate privileges to root...
Amazon Kindle Vulnerable to Malicious EBooks
A security flaw in Amazon’s Kindle e-reader made it vulnerable to malicious eBooks, opening the door to turning the devices into bots, compromising personal information and more. That’s according to Check Point researcher Slava Makkaeveev, who released the findings Friday. Check Point disclosed t...
New Amazon Kindle Bug Could've Let Attackers Hijack Your eBook Reader
Amazon earlier this April addressed a critical vulnerability in its Kindle e-book reader platform that could have been potentially exploited to take full control over a user's device, resulting in the theft of sensitive information by just deploying a malicious e-book. "By sending Kindle users a...
Amazon Kindle RCE Attack Starts with an Email
Three vulnerabilities in the Amazon Kindle e-reader would have allowed a remote attacker to execute code and run it as root – paving the way for siphoning money from unsuspecting users. Yogev Bar-On, researcher at Realmode Labs, found that it was possible to email malicious e-books to the devices...
Amazon Kindle, Embedded Devices Open to Code-Execution
Multiple vulnerabilities have been found in Das U-Boot, a universal bootloader commonly used in embedded devices like Amazon Kindles, ARM Chromebooks and networking hardware. The bugs could allow attackers to gain full control of an impacted device’s CPU and modify anything they choose. Researche...
CVE-2017-6189
Untrusted search path vulnerability in Amazon Kindle for PC before 1.19 allows local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse DLL in the current working directory of the Kindle Setup installer...
CVE-2017-6189
The CVE-2017-6189 issue affects Amazon Kindle for PC prior to 1.19, where an untrusted search path allows local users to perform DLL hijacking and arbitrary code execution via a Trojan DLL placed in the Kindle Setup installer’s current working directory. The vulnerability is tied to the Kindle Se...
CVE-2017-6189
Untrusted search path vulnerability in Amazon Kindle for PC before 1.19 allows local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse DLL in the current working directory of the Kindle Setup installer...
Amazon Kindle - Exported ContentProvider, Insecure KeyStore, WebView SSL handling enabled vulnerabilities
HackApp vulnerability scanner discovered that application Amazon Kindle published at the 'play' market has multiple vulnerabilities...
CVE-2014-3908
The Amazon.com Kindle application before 4.5.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...
CVE-2010-5268
Untrusted search path vulnerability in Amazon Kindle for PC 1.3.0 30884 allows local users to gain privileges via a Trojan horse wintab32.dll file in the current working directory, as demonstrated by a directory that contains a .azw file. NOTE: some of these details are obtained from third party...