1131 matches found
Mozilla Firefox CSS font-face Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within handling of...
Mozilla Codesighs Memory Corruption
!/usr/bin/perl thedailyshow.pl AKA Mozilla Codesighs Memory Corruption PoC Jeremy Brown [email protected]//jbrownsec.blogspot.com//krakowlabs.com 12.12.2009 257 while0 == retval && NULL != fgetslineBuffer, sizeoflineBuffer, inOptions-mInput gdb 259 trimWhitelineBuffer; gdb trimWhite...
Mozilla Codesighs - Memory Corruption
!/usr/bin/perl thedailyshow.pl AKA Mozilla Codesighs Memory Corruption PoC Jeremy Brown [email protected]//jbrownsec.blogspot.com//krakowlabs.com 12.12.2009 257 while0 == retval && NULL != fgetslineBuffer, sizeoflineBuffer, inOptions-mInput gdb 259 trimWhitelineBuffer; gdb trimWhite...
Facial Recognition Research Claims Near 100% Accuracy
Mohamed Abdel-Mottaleb, professor and chair in the UM Department of Electrical and Computer Engineering has developed state-of-the-art systems capable of photographing an image of someone’s face and ear and comparing it against pre-stored images of the same person, with 95-100 percent accuracy...
Microsoft Windows嵌入式OpenType字体引擎拒绝服务漏洞
BUGTRAQ ID: 36029 CVECAN ID: CVE-2009-3020 Microsoft Windows是微软开发的非常流行的操作系统。 Windows Server 2003 SP2的嵌入式OpenType(EOT)字体引擎所使用的win32k.sys驱动中存在拒绝服务漏洞。如果用户受骗打开的HTML文档中@font- face CSS规则的src描述符引用了特制的.eot文件,就可能导致系统崩溃。 Microsoft Windows Server 2003 SP2 厂商补丁: Microsoft ---------...
CVE-2009-3020
win32k.sys in Microsoft Windows Server 2003 SP2 allows remote attackers to cause a denial of service system crash by referencing a crafted .eot file in the src descriptor of an @font-face Cascading Style Sheets CSS rule in an HTML document, possibly related to the Embedded OpenType EOT Font Engin...
Design/Logic Flaw
win32k.sys in Microsoft Windows Server 2003 SP2 allows remote attackers to cause a denial of service system crash by referencing a crafted .eot file in the src descriptor of an @font-face Cascading Style Sheets CSS rule in an HTML document, possibly related to the Embedded OpenType EOT Font Engin...
CVE-2009-0657
Toshiba Face Recognition 2.0.2.32 allows physically proximate attackers to obtain notebook access by presenting a large number of images for which the viewpoint and lighting have been modified to match a stored image of the authorized notebook user...
Code injection
Toshiba Face Recognition 2.0.2.32 allows physically proximate attackers to obtain notebook access by presenting a large number of images for which the viewpoint and lighting have been modified to match a stored image of the authorized notebook user...
CVE-2009-0657
The CVE-2009-0657 entry refers to Toshiba Face Recognition 2.0.2.32. A physically proximate attacker can gain notebook access by presenting a large number of images with altered viewpoint and lighting to match a stored image of the authorized user. Per NVD, the exploit is local, with medium compl...
CVE-2009-0657
Toshiba Face Recognition 2.0.2.32 allows physically proximate attackers to obtain notebook access by presenting a large number of images for which the viewpoint and lighting have been modified to match a stored image of the authorized notebook user...
[SVRT-07-08] Vulnerability in Face Recognition Authentication Mechanism of Lenovo-Asus-Toshiba Laptops
VULNERABILITY IN FACE RECOGNITION AUTHENTICATION MECHANISM LENOVO-ASUS-TOSHIBA LAPTOPS 1. General Information Face Recognition feature is provided by Asus, Lenovo and Toshiba as specialized software that is issued together with their laptops. This feature is embedded into all laptop families havi...
Face recognition authentication bypass
Authentication can be bypassed with series of photo or video...
Debian Security Advisory DSA 340-1 (x-face-el)
The remote host is missing an update to x-face-el announced via advisory DSA 340-1. OpenVAS Vulnerability Test $Id: deb3401.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 340-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...
Debian Security Advisory DSA 338-1 (x-face-el)
The remote host is missing an update to x-face-el announced via advisory DSA 338-1. OpenVAS Vulnerability Test $Id: deb3381.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 338-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...
Debian: Security Advisory (DSA-340)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
GDM: Privilege escalation
Background GDM is the GNOME display manager. Description GDM allows a normal user to access the configuration manager. Impact When the "face browser" in GDM is enabled, a normal user can use the "configure login manager" with his/her own password instead of the root password, and thus gain...
Design/Logic Flaw
GNOME GDM 2.8, 2.12, 2.14, and 2.15, when the "face browser" feature is enabled, allows local users to access the "Configure Login Manager" functionality using their own password instead of the root password, which can be leveraged to gain additional privileges...
CVE-2006-2452
GNOME GDM 2.8, 2.12, 2.14, and 2.15 with the face browser feature enabled allow a local user to access the Configure Login Manager using their own password instead of root, potentially elevating privileges. Root cause: bypass of root-authenticated access to login-manager configuration. Affected v...
rPSA-2006-0098-1 gdm
rPath Security Advisory: 2006-0098-1 Published: 2006-06-08 Products: rPath Linux 1 Rating: Severe Exposure Level Classification: Local System User Deterministic Privilege Escalation Updated Versions: gdm=/conary.rpath.com@rpl:devel//1/2.8.0.8-0.1-1 References:...