18 matches found
CVE-2013-5164
Multiple race conditions in the Phone app in Apple iOS before 7.0.3 allow physically proximate attackers to bypass the locked state, and dial the telephone numbers in arbitrary Contacts entries, by visiting the Contacts pane...
CVE-2020-23768
An information disclosure vulnerability was discovered in alipayfunction.php in the log file of Alibaba payment interface on PHPPYUN prior to version 5.0.1. If exploited, this vulnerability will allow attackers to obtain users' personally identifiable information including e-mail address and...
CVE-2020-23768
An information disclosure vulnerability was discovered in alipayfunction.php in the log file of Alibaba payment interface on PHPPYUN prior to version 5.0.1. If exploited, this vulnerability will allow attackers to obtain users' personally identifiable information including e-mail address and...
Mitel mitel-cs018 - Call Data Information Disclosure Vulnerability
Exploit Title: Mitel mitel-cs018 - Call Data Information Disclosure Exploit Author: Andrea Intilangelo acme olografix / paranoici Vendor Homepage: www.mitel.com Version: mitel-cs018 Tested on: Windows, Linux There is an interesting bug in a Mitel's servers for Voice over IP that allows to discove...
Mitel mitel-cs018 - Call Data Information Disclosure
Exploit Title: Mitel mitel-cs018 - Call Data Information Disclosure Date: 2003-07-28 Exploit Author: Andrea Intilangelo acme olografix / paranoici Vendor Homepage: www.mitel.com Version: mitel-cs018 Tested on: Windows, Linux There is an interesting bug in a Mitel's servers for Voice over IP that...
Hackers Selling Uber Credentials on Underground Market
The alternative taxi service Uber denies insinuations that its systems were breached following reports claiming that underground forums are offering Uber user-credentials for as little as $1. First reported by Vice Magazine’s Motherboard spinoff, the information for sale also includes names, the...
Design/Logic Flaw
Microsoft Asha OS on the Microsoft Mobile Nokia Asha 501 phone 14.0.4 allows physically proximate attackers to bypass the lock-screen protection mechanism, and read or modify contact information or dial arbitrary telephone numbers, by tapping the SOS Option and then tapping the Green Call Option...
Facebook hack exposes contact Information of 6 Million Users
Facebook is alerting its users about a security breach due to a technical glitch, that may have inadvertently exposed the email addresses and telephone numbers of roughly 6 million users. "We recently received a report to our White Hat program regarding a bug that may have allowed some of a...
Design/Logic Flaw
The Samsung and HTC onTouchEvent method implementation for Android on the T-Mobile myTouch 3G Slide, HTC Merge, Sprint EVO Shift 4G, HTC ChaCha, AT&T Status, HTC Desire Z, T-Mobile G2, T-Mobile myTouch 4G Slide, and Samsung Galaxy S stores touch coordinates in the dmesg buffer, which allows remot...
US Army's CECOM Data leaked by Hacker
US Army's CECOM Data leaked by Hacker Hacker Black Jester recently published contract information from a Web site connected to the U.S. Army Communications and Electronics Command CECOM. "30 record sets that include names, user IDs, physical addresses, email addresses, telephone numbers, and...
CVE-2007-5468
Cisco CallManager 5.1.1.3000-5 does not verify the Digest authentication header URI against the Request URI in SIP messages, which allows remote attackers to use sniffed Digest authentication credentials to call arbitrary telephone numbers or spoof caller ID aka "toll fraud and authentication...
CVE-2007-3755
Mail in Apple iPhone 1.1.1 allows remote user-assisted attackers to force the iPhone user to make calls to arbitrary telephone numbers via a "tel:" link, which does not prompt the user before dialing the number...
CVE-2007-3757
Safari in Apple iPhone 1.1.1 allows remote user-assisted attackers to trick the iPhone user into making calls to arbitrary telephone numbers via a crafted "tel:" link that causes iPhone to display a different number than the number that will be dialed...
Code injection
Mail in Apple iPhone 1.1.1 allows remote user-assisted attackers to force the iPhone user to make calls to arbitrary telephone numbers via a "tel:" link, which does not prompt the user before dialing the number...
CVE-2007-3757
Safari in Apple iPhone 1.1.1 allows remote user-assisted attackers to trick the iPhone user into making calls to arbitrary telephone numbers via a crafted "tel:" link that causes iPhone to display a different number than the number that will be dialed...
CVE-2007-3757
CVE-2007-3757 describes a vulnerability in Apple iPhone 1.1.1 where the embedded Safari browser mishandles tel: links, allowing a crafted link to cause the user to initiate a call to a different number than the one displayed. The issue affects the iPhone’s handling of tel: hyperlinks; exploitatio...
CVE-2007-3755
The CVE-2007-3755 issue affects the Apple iPhone’s Mail client (around v1.1.1) where embedded tel: links can trigger phone calls without user confirmation. The root cause is processing tel: hyperlinks in the Mail client that allows remote user-assisted attackers to cause the device to dial arbitr...
With ASP Trojan FTP and decompression-vulnerability warning-the black bar safety net
In broilers placed on the website,the most troublesome is probably the update and upload a lot of files, Terminal Services broad daylight easy to be found,open your own ftp and not assured. Your own online in a circle is found by combining the non-component upload asp Trojan can be easily achieve...