556 matches found
CVE-2009-2204
Unspecified vulnerability in the CoreTelephony component in Apple iPhone OS before 3.0.1 allows remote attackers to execute arbitrary code, obtain GPS coordinates, or enable the microphone via an SMS message that triggers memory corruption, as demonstrated by Charlie Miller at SyScan '09 Singapor...
CVE-2009-2204
Unspecified vulnerability in the CoreTelephony component in Apple iPhone OS before 3.0.1 allows remote attackers to execute arbitrary code, obtain GPS coordinates, or enable the microphone via an SMS message that triggers memory corruption, as demonstrated by Charlie Miller at SyScan '09 Singapor...
CVE-2009-2204
CVE-2009-2204 affects Apple iPhone OS prior to 3.0.1 in the CoreTelephony component. A memory-corruption flaw triggered by an SMS can enable remote code execution and expose GPS coordinates or enable the microphone, as demonstrated by Charlie Miller at SyScan ’09. A patch addressing this issue wa...
Design/Logic Flaw
Android 1.5 CRBxx allows local users to bypass the 1 Manifest.permission.CAMERA aka android.permission.CAMERA and 2 Manifest.permission.AUDIORECORD aka android.permission.RECORDAUDIO configuration settings by installing and executing an application that does not make a permission request before...
CVE-2009-2348
Android 1.5 CRBxx allows local users to bypass the 1 Manifest.permission.CAMERA aka android.permission.CAMERA and 2 Manifest.permission.AUDIORECORD aka android.permission.RECORDAUDIO configuration settings by installing and executing an application that does not make a permission request before...
CVE-2009-2348
Android 1.5 CRBxx allows local users to bypass CAMERA and AUDIO_RECORD permission checks by installing an app that does not request permissions before using the camera or microphone. Affected: all 1.5 CRBxx variants. Root cause: improper permission verification in Android’s runtime/device policy ...
Adobe Flash Player clickjacking
The Settings Manager in Adobe Flash Player 9.0.124.0 and earlier allows remote attackers to cause victims to unknowingly click on a link or dialog via access control dialogs disguised as normal graphical elements, as demonstrated by hijacking the camera or microphone, and related to "clickjacking...
Adobe Flash Player clickjacking
The Settings Manager in Adobe Flash Player 9.0.124.0 and earlier allows remote attackers to cause victims to unknowingly click on a link or dialog via access control dialogs disguised as normal graphical elements, as demonstrated by hijacking the camera or microphone, and related to "clickjacking...
Adobe Flash Player Multiple Security Bypass Vulnerabilities - Windows
Adobe Flash Player is prone to multiple security bypass vulnerabilities. SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Design/Logic Flaw
The Settings Manager in Adobe Flash Player 9.0.124.0 and earlier allows remote attackers to cause victims to unknowingly click on a link or dialog via access control dialogs disguised as normal graphical elements, as demonstrated by hijacking the camera or microphone, and related to "clickjacking...
CVE-2008-4503
CVE-2008-4503 : Adobe Flash Player before 9.0.124.0 has a Settings Manager display flaw enabling clickjacking, where malicious content can disguise dialogs to trick the user into interacting with a link or dialog, potentially granting camera/microphone access. Multiple sources (Gentoo GLSA, OpenV...
CVE-2007-0675
A certain ActiveX control in sapi.dll aka the Speech API in Speech Components in Microsoft Windows Vista, when the Speech Recognition feature is enabled, allows user-assisted remote attackers to delete arbitrary files, and conduct other unauthorized activities, via a web page with an embedded sou...
Design/Logic Flaw
A certain ActiveX control in sapi.dll aka the Speech API in Speech Components in Microsoft Windows Vista, when the Speech Recognition feature is enabled, allows user-assisted remote attackers to delete arbitrary files, and conduct other unauthorized activities, via a web page with an embedded sou...
CVE-2007-0675
A certain ActiveX control in sapi.dll aka the Speech API in Speech Components in Microsoft Windows Vista, when the Speech Recognition feature is enabled, allows user-assisted remote attackers to delete arbitrary files, and conduct other unauthorized activities, via a web page with an embedded sou...
Widcomm BTW Bluetooth for Windows remote audio device access
It's possible to access audio data from microphone attached to PC or to play sound on PC speakers...
CVE-1999-1137
CVE-1999-1137 concerns the /dev/audio device on Solaris 2.2 and earlier and SunOS 4.1.x. Permissions allow any local user to read the device, enabling potential eavesdropping on nearby conversations. Root cause: permissive read access to the audio device; affected components are the legacy Solari...