EUVD-2009-0203

Malware in sbrugna...

CVE-2009-0194

The domain-locking implementation in the GARMINAXCONTROL.GarminAxControlt.1 ActiveX control in npGarmin.dll in the Garmin Communicator Plug-In 2.6.4.0 does not properly enforce the restrictions that 1 download and 2 upload requests come from a web site specified by the user, which allows remote...

CVE-2009-0194

CVE-2009-0194 affects Garmin Communicator Plug-In 2.6.4.0 (npGarmin.dll, GARMINAXCONTROL.GarminAxControl_t.1 ActiveX). The domain-locking mechanism does not properly enforce that download/upload requests originate from a user-specified site, enabling a synchronisation error that can lead to unaut...

KLA10172 Vulnerability in Garmin Communicator Plugin

An improper restriction was found in Garmin Communicator Plug-In. By exploiting this vulnerability malicious users can obtain sensitive information or reconfigure GPS device. This vulnerability can be exploited remotely via unspecified vectors. Original advisories - Related products...

Secunia Research: Garmin Communicator Plug-In Domain Locking Security Bypass

====================================================================== Secunia Research 07/05/2009 - Garmin Communicator Plug-In Domain Locking Security Bypass - ====================================================================== Table of Contents Affected...