Lucene search
K

556 matches found

NVD
NVD
added 2009/08/03 6:30 p.m.27 views

CVE-2009-2204

Unspecified vulnerability in the CoreTelephony component in Apple iPhone OS before 3.0.1 allows remote attackers to execute arbitrary code, obtain GPS coordinates, or enable the microphone via an SMS message that triggers memory corruption, as demonstrated by Charlie Miller at SyScan '09 Singapor...

10CVSS6.9AI score0.08467EPSS
Exploits2References10
Cvelist
Cvelist
added 2009/08/03 6:0 p.m.31 views

CVE-2009-2204

Unspecified vulnerability in the CoreTelephony component in Apple iPhone OS before 3.0.1 allows remote attackers to execute arbitrary code, obtain GPS coordinates, or enable the microphone via an SMS message that triggers memory corruption, as demonstrated by Charlie Miller at SyScan '09 Singapor...

6.9AI score0.08467EPSS
Exploits2References10
CVE
CVE
added 2009/08/03 6:0 p.m.61 views

CVE-2009-2204

CVE-2009-2204 affects Apple iPhone OS prior to 3.0.1 in the CoreTelephony component. A memory-corruption flaw triggered by an SMS can enable remote code execution and expose GPS coordinates or enable the microphone, as demonstrated by Charlie Miller at SyScan ’09. A patch addressing this issue wa...

10CVSS7.2AI score0.08467EPSS
Exploits2References10Affected Software1
Prion
Prion
added 2009/07/17 4:30 p.m.23 views

Design/Logic Flaw

Android 1.5 CRBxx allows local users to bypass the 1 Manifest.permission.CAMERA aka android.permission.CAMERA and 2 Manifest.permission.AUDIORECORD aka android.permission.RECORDAUDIO configuration settings by installing and executing an application that does not make a permission request before...

6.9CVSS6.5AI score0.0036EPSS
Exploits1References8Affected Software1
Cvelist
Cvelist
added 2009/07/17 4:0 p.m.27 views

CVE-2009-2348

Android 1.5 CRBxx allows local users to bypass the 1 Manifest.permission.CAMERA aka android.permission.CAMERA and 2 Manifest.permission.AUDIORECORD aka android.permission.RECORDAUDIO configuration settings by installing and executing an application that does not make a permission request before...

6.2AI score0.0036EPSS
Exploits1References8
CVE
CVE
added 2009/07/17 4:0 p.m.66 views

CVE-2009-2348

Android 1.5 CRBxx allows local users to bypass CAMERA and AUDIO_RECORD permission checks by installing an app that does not request permissions before using the camera or microphone. Affected: all 1.5 CRBxx variants. Root cause: improper permission verification in Android’s runtime/device policy ...

6.9CVSS6.3AI score0.0036EPSS
Exploits1References8Affected Software1
RedHat Linux
RedHat Linux
added 2008/11/12 5:23 p.m.8 views

Adobe Flash Player clickjacking

The Settings Manager in Adobe Flash Player 9.0.124.0 and earlier allows remote attackers to cause victims to unknowingly click on a link or dialog via access control dialogs disguised as normal graphical elements, as demonstrated by hijacking the camera or microphone, and related to "clickjacking...

6.8CVSS5.9AI score0.04185EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2008/10/28 2:29 p.m.6 views

Adobe Flash Player clickjacking

The Settings Manager in Adobe Flash Player 9.0.124.0 and earlier allows remote attackers to cause victims to unknowingly click on a link or dialog via access control dialogs disguised as normal graphical elements, as demonstrated by hijacking the camera or microphone, and related to "clickjacking...

6.8CVSS5.9AI score0.04185EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2008/10/16 12:0 a.m.35 views

Adobe Flash Player Multiple Security Bypass Vulnerabilities - Windows

Adobe Flash Player is prone to multiple security bypass vulnerabilities. SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

10CVSS7.6AI score0.08467EPSS
Exploits5References5
Prion
Prion
added 2008/10/09 6:0 p.m.26 views

Design/Logic Flaw

The Settings Manager in Adobe Flash Player 9.0.124.0 and earlier allows remote attackers to cause victims to unknowingly click on a link or dialog via access control dialogs disguised as normal graphical elements, as demonstrated by hijacking the camera or microphone, and related to "clickjacking...

6.8CVSS6.7AI score0.04185EPSS
Exploits0References21Affected Software1
CVE
CVE
added 2008/10/09 4:0 p.m.80 views

CVE-2008-4503

CVE-2008-4503 : Adobe Flash Player before 9.0.124.0 has a Settings Manager display flaw enabling clickjacking, where malicious content can disguise dialogs to trick the user into interacting with a link or dialog, potentially granting camera/microphone access. Multiple sources (Gentoo GLSA, OpenV...

6.8CVSS6.3AI score0.04185EPSS
Exploits0References21Affected Software1
NVD
NVD
added 2007/02/03 1:28 a.m.31 views

CVE-2007-0675

A certain ActiveX control in sapi.dll aka the Speech API in Speech Components in Microsoft Windows Vista, when the Speech Recognition feature is enabled, allows user-assisted remote attackers to delete arbitrary files, and conduct other unauthorized activities, via a web page with an embedded sou...

7.6CVSS6.7AI score0.1722EPSS
Exploits1References13
Prion
Prion
added 2007/02/03 1:28 a.m.22 views

Design/Logic Flaw

A certain ActiveX control in sapi.dll aka the Speech API in Speech Components in Microsoft Windows Vista, when the Speech Recognition feature is enabled, allows user-assisted remote attackers to delete arbitrary files, and conduct other unauthorized activities, via a web page with an embedded sou...

7.6CVSS7AI score0.1722EPSS
Exploits1References13
Cvelist
Cvelist
added 2007/02/03 1:0 a.m.33 views

CVE-2007-0675

A certain ActiveX control in sapi.dll aka the Speech API in Speech Components in Microsoft Windows Vista, when the Speech Recognition feature is enabled, allows user-assisted remote attackers to delete arbitrary files, and conduct other unauthorized activities, via a web page with an embedded sou...

6.7AI score0.1722EPSS
Exploits1References13
securityvulns
securityvulns
added 2005/12/17 12:0 a.m.31 views

Widcomm BTW Bluetooth for Windows remote audio device access

It's possible to access audio data from microphone attached to PC or to play sound on PC speakers...

5.8AI score
Exploits0References1Affected Software1
CVE
CVE
added 2002/03/09 5:0 a.m.54 views

CVE-1999-1137

CVE-1999-1137 concerns the /dev/audio device on Solaris 2.2 and earlier and SunOS 4.1.x. Permissions allow any local user to read the device, enabling potential eavesdropping on nearby conversations. Root cause: permissive read access to the audio device; affected components are the legacy Solari...

2.1CVSS7AI score0.00365EPSS
Exploits0References4Affected Software2
Rows per page
Query Builder