CVE-2009-0657

Toshiba Face Recognition 2.0.2.32 allows physically proximate attackers to obtain notebook access by presenting a large number of images for which the viewpoint and lighting have been modified to match a stored image of the authorized notebook user...

CVE-2009-0657

The CVE-2009-0657 entry refers to Toshiba Face Recognition 2.0.2.32. A physically proximate attacker can gain notebook access by presenting a large number of images with altered viewpoint and lighting to match a stored image of the authorized user. Per NVD, the exploit is local, with medium compl...

[SVRT-07-08] Vulnerability in Face Recognition Authentication Mechanism of Lenovo-Asus-Toshiba Laptops

VULNERABILITY IN FACE RECOGNITION AUTHENTICATION MECHANISM LENOVO-ASUS-TOSHIBA LAPTOPS 1. General Information Face Recognition feature is provided by Asus, Lenovo and Toshiba as specialized software that is issued together with their laptops. This feature is embedded into all laptop families havi...

Face recognition authentication bypass

Authentication can be bypassed with series of photo or video...

Microsoft Vista speech recognition unauthorized access

Speech recognition may be used as an attack vector against client computer with e.h. HTML page with embedded sound...

DEBIAN-CVE-2008-2285

The ssh-vulnkey tool on Ubuntu Linux 7.04, 7.10, and 8.04 LTS does not recognize authorizedkeys lines that contain options, which makes it easier for remote attackers to exploit CVE-2008-0166 by guessing a key that was not identified by this tool...

CVE-2007-6596

ClamAV 0.92 does not recognize Base64 UUEncoded archives, which allows remote attackers to bypass the scanner via a Base64-UUEncoded file...

Low: Red Hat Security Advisory: coolkey security and bug fix update

Updated coolkey packages that fix a security issue and various bugs are now available for Red Hat Enterprise Linux 5. This update has been rated as having low security impact by the Red Hat Security Response Team. coolkey contains the driver support for the CoolKey and Common Access Card CAC Smar...

Microsoft Windows speech recognition / synthesis ActiveX buffer overflow

Buffer overflows in DirectSpeechSynthesis Module XVoice.dll / DirectSpeechRecognition Module Xlisten.dll...

FreeBSD : snort -- DCE/RPC preprocessor vulnerability (afdf500f-c1f6-11db-95c5-000c6ec775d9)

A IBM Internet Security Systems Protection Advisory reports : Snort is vulnerable to a stack-based buffer overflow as a result of DCE/RPC reassembly. This vulnerability is in a dynamic-preprocessor enabled in the default configuration, and the configuration for this preprocessor allows for...

Windows Vista语音识别命令执行漏洞

Windows Vista是微软公司开发的最新的操作系统。 Windows Vista内置的语音识别功能存在安全问题，远程攻击者可以利用漏洞在目标用户机器上执行任意命令。 在Vista上起用了语音识别功能及正确配置后，攻击者可以利用音频文件对系统发布类似“copy”, “delete”, ”shutdown”等命令，不过如果用户在电脑前面，也会听到这些命令的发布。不过使用语音命令不能绕过UAC提示来执行类似建立用户等特权功能。 Microsoft Windows Vista Ultimate Microsoft Windows Vista Home Premium Microsoft...

CVE-2007-0675

A certain ActiveX control in sapi.dll aka the Speech API in Speech Components in Microsoft Windows Vista, when the Speech Recognition feature is enabled, allows user-assisted remote attackers to delete arbitrary files, and conduct other unauthorized activities, via a web page with an embedded sou...

Design/Logic Flaw

A certain ActiveX control in sapi.dll aka the Speech API in Speech Components in Microsoft Windows Vista, when the Speech Recognition feature is enabled, allows user-assisted remote attackers to delete arbitrary files, and conduct other unauthorized activities, via a web page with an embedded sou...

CVE-2007-0675

A certain ActiveX control in sapi.dll aka the Speech API in Speech Components in Microsoft Windows Vista, when the Speech Recognition feature is enabled, allows user-assisted remote attackers to delete arbitrary files, and conduct other unauthorized activities, via a web page with an embedded sou...

[Dailydave] Vista speach recognition

I ran some more tests and here is a very realistic scenario. 1. Website says "start listening" to toggle an idle speech system in Vista to listening mode. 2. Website says "start", "windows explorer" 3. Website says "downloads", "documents", 3, OK, to toggle to downloads then back to documents and...

DEBIAN-CVE-2005-1141

Integer overflow in the readpgm function in pnm.c for GOCR 0.40, when using the netpbm library, allows remote attackers to execute arbitrary code via a PNM file with large width and height values, which leads to a heap-based buffer overflow...

CVE-2003-1092

Unknown vulnerability in the "Automatic File Content Type Recognition AFCTR Tool version of the file package before 3.41, related to "a memory allocation problem," has unknown impact...

CVE-2003-1092

Unknown vulnerability in the "Automatic File Content Type Recognition AFCTR Tool version of the file package before 3.41, related to "a memory allocation problem," has unknown impact...

CVE-2003-1092

Unknown vulnerability in the "Automatic File Content Type Recognition AFCTR Tool version of the file package before 3.41, related to "a memory allocation problem," has unknown impact...

DEBIAN-CVE-2003-1092

Unknown vulnerability in the "Automatic File Content Type Recognition AFCTR Tool version of the file package before 3.41, related to "a memory allocation problem," has unknown impact...