Lucene search
+L

1131 matches found

Zero Day Initiative
Zero Day Initiative
added 2010/07/20 12:0 a.m.103 views

Mozilla Firefox CSS font-face Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within handling of...

10CVSS4AI score0.09782EPSS
Exploits5References1
Packet Storm
Packet Storm
added 2009/12/12 12:0 a.m.32 views

Mozilla Codesighs Memory Corruption

!/usr/bin/perl thedailyshow.pl AKA Mozilla Codesighs Memory Corruption PoC Jeremy Brown [email protected]//jbrownsec.blogspot.com//krakowlabs.com 12.12.2009 257 while0 == retval && NULL != fgetslineBuffer, sizeoflineBuffer, inOptions-mInput gdb 259 trimWhitelineBuffer; gdb trimWhite...

0.6AI score
Exploits0
Exploit DB
Exploit DB
added 2009/12/12 12:0 a.m.33 views

Mozilla Codesighs - Memory Corruption

!/usr/bin/perl thedailyshow.pl AKA Mozilla Codesighs Memory Corruption PoC Jeremy Brown [email protected]//jbrownsec.blogspot.com//krakowlabs.com 12.12.2009 257 while0 == retval && NULL != fgetslineBuffer, sizeoflineBuffer, inOptions-mInput gdb 259 trimWhitelineBuffer; gdb trimWhite...

7.4AI score
Exploits0
ThreatPost
ThreatPost
added 2009/11/10 4:7 p.m.5 views

Facial Recognition Research Claims Near 100% Accuracy

Mohamed Abdel-Mottaleb, professor and chair in the UM Department of Electrical and Computer Engineering has developed state-of-the-art systems capable of photographing an image of someone’s face and ear and comparing it against pre-stored images of the same person, with 95-100 percent accuracy...

4AI score
Exploits0References2
seebug.org
seebug.org
added 2009/09/02 12:0 a.m.29 views

Microsoft Windows嵌入式OpenType字体引擎拒绝服务漏洞

BUGTRAQ ID: 36029 CVECAN ID: CVE-2009-3020 Microsoft Windows是微软开发的非常流行的操作系统。 Windows Server 2003 SP2的嵌入式OpenType(EOT)字体引擎所使用的win32k.sys驱动中存在拒绝服务漏洞。如果用户受骗打开的HTML文档中@font- face CSS规则的src描述符引用了特制的.eot文件,就可能导致系统崩溃。 Microsoft Windows Server 2003 SP2 厂商补丁: Microsoft ---------...

7.1CVSS6.4AI score0.1671EPSS
Exploits2
NVD
NVD
added 2009/08/31 4:30 p.m.34 views

CVE-2009-3020

win32k.sys in Microsoft Windows Server 2003 SP2 allows remote attackers to cause a denial of service system crash by referencing a crafted .eot file in the src descriptor of an @font-face Cascading Style Sheets CSS rule in an HTML document, possibly related to the Embedded OpenType EOT Font Engin...

7.1CVSS8.3AI score0.1671EPSS
Exploits2References6
Prion
Prion
added 2009/08/31 4:30 p.m.31 views

Design/Logic Flaw

win32k.sys in Microsoft Windows Server 2003 SP2 allows remote attackers to cause a denial of service system crash by referencing a crafted .eot file in the src descriptor of an @font-face Cascading Style Sheets CSS rule in an HTML document, possibly related to the Embedded OpenType EOT Font Engin...

7.1CVSS6.6AI score0.37453EPSS
Exploits3References6
NVD
NVD
added 2009/02/20 7:30 p.m.14 views

CVE-2009-0657

Toshiba Face Recognition 2.0.2.32 allows physically proximate attackers to obtain notebook access by presenting a large number of images for which the viewpoint and lighting have been modified to match a stored image of the authorized notebook user...

6.9CVSS6.4AI score0.00364EPSS
Exploits0References6
Prion
Prion
added 2009/02/20 7:30 p.m.14 views

Code injection

Toshiba Face Recognition 2.0.2.32 allows physically proximate attackers to obtain notebook access by presenting a large number of images for which the viewpoint and lighting have been modified to match a stored image of the authorized notebook user...

6.9CVSS6.9AI score0.00364EPSS
Exploits0References6Affected Software1
CVE
CVE
added 2009/02/20 7:0 p.m.50 views

CVE-2009-0657

The CVE-2009-0657 entry refers to Toshiba Face Recognition 2.0.2.32. A physically proximate attacker can gain notebook access by presenting a large number of images with altered viewpoint and lighting to match a stored image of the authorized user. Per NVD, the exploit is local, with medium compl...

6.9CVSS6.6AI score0.00364EPSS
Exploits0References6Affected Software1
Cvelist
Cvelist
added 2009/02/20 7:0 p.m.19 views

CVE-2009-0657

Toshiba Face Recognition 2.0.2.32 allows physically proximate attackers to obtain notebook access by presenting a large number of images for which the viewpoint and lighting have been modified to match a stored image of the authorized notebook user...

6.4AI score0.00364EPSS
Exploits0References6
securityvulns
securityvulns
added 2008/12/10 12:0 a.m.37 views

[SVRT-07-08] Vulnerability in Face Recognition Authentication Mechanism of Lenovo-Asus-Toshiba Laptops

VULNERABILITY IN FACE RECOGNITION AUTHENTICATION MECHANISM LENOVO-ASUS-TOSHIBA LAPTOPS 1. General Information Face Recognition feature is provided by Asus, Lenovo and Toshiba as specialized software that is issued together with their laptops. This feature is embedded into all laptop families havi...

Exploits0
securityvulns
securityvulns
added 2008/12/10 12:0 a.m.22 views

Face recognition authentication bypass

Authentication can be bypassed with series of photo or video...

3.4AI score
Exploits0References1Affected Software2
OpenVAS
OpenVAS
added 2008/01/17 12:0 a.m.11 views

Debian Security Advisory DSA 340-1 (x-face-el)

The remote host is missing an update to x-face-el announced via advisory DSA 340-1. OpenVAS Vulnerability Test $Id: deb3401.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 340-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...

0.5AI score
Exploits0
OpenVAS
OpenVAS
added 2008/01/17 12:0 a.m.25 views

Debian Security Advisory DSA 338-1 (x-face-el)

The remote host is missing an update to x-face-el announced via advisory DSA 338-1. OpenVAS Vulnerability Test $Id: deb3381.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 338-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...

10CVSS0.4AI score0.18266EPSS
Exploits0
OpenVAS
OpenVAS
added 2008/01/17 12:0 a.m.11 views

Debian: Security Advisory (DSA-340)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5AI score
Exploits0References3
Gentoo Linux
Gentoo Linux
added 2006/06/12 12:0 a.m.29 views

GDM: Privilege escalation

Background GDM is the GNOME display manager. Description GDM allows a normal user to access the configuration manager. Impact When the "face browser" in GDM is enabled, a normal user can use the "configure login manager" with his/her own password instead of the root password, and thus gain...

3.7CVSS6.6AI score0.0036EPSS
Exploits0
Prion
Prion
added 2006/06/09 10:2 a.m.14 views

Design/Logic Flaw

GNOME GDM 2.8, 2.12, 2.14, and 2.15, when the "face browser" feature is enabled, allows local users to access the "Configure Login Manager" functionality using their own password instead of the root password, which can be leveraged to gain additional privileges...

3.7CVSS6.7AI score0.0036EPSS
Exploits0References14Affected Software1
CVE
CVE
added 2006/06/09 10:0 a.m.59 views

CVE-2006-2452

GNOME GDM 2.8, 2.12, 2.14, and 2.15 with the face browser feature enabled allow a local user to access the Configure Login Manager using their own password instead of root, potentially elevating privileges. Root cause: bypass of root-authenticated access to login-manager configuration. Affected v...

3.7CVSS6.4AI score0.0036EPSS
Exploits0References14Affected Software1
securityvulns
securityvulns
added 2006/06/09 12:0 a.m.46 views

rPSA-2006-0098-1 gdm

rPath Security Advisory: 2006-0098-1 Published: 2006-06-08 Products: rPath Linux 1 Rating: Severe Exposure Level Classification: Local System User Deterministic Privilege Escalation Updated Versions: gdm=/conary.rpath.com@rpl:devel//1/2.8.0.8-0.1-1 References:...

3.7CVSS0.7AI score0.0036EPSS
Exploits0
Rows per page
Query Builder