14 matches found
EUVD-2007-5534
Malware in sbrugna...
CVE-2007-5559
Heap-based buffer overflow in the IBM ThinkVantage TPM Service allows remote attackers to execute arbitrary code via a crafted HTTP packet. NOTE: as of 20071016, the only disclosure is a vague pre-advisory with no actionable information. However, since it is from a well-known researcher, it is...
Lenovo ThinkVantage Communications Utility 3.0.42.0 Privilege Escalation
Exploit Title: Lenovo ThinkVantage Communications Utility - Unquoted Service Path Privilege Escalation Date: 10/19/2016 Exploit Author: Joey Lane Version: 3.0.42.0 Tested on: Windows 7 Professional The Lenovo ThinkVantage Communications Utility installs 2 services with unquoted service paths. Thi...
Lenovo ThinkVantage Communications Utility 3.0.42.0 Privilege Escalation Vulnerability
Exploit for windows platform in category local exploits Exploit Title: Lenovo ThinkVantage Communications Utility - Unquoted Service Path Privilege Escalation Date: 10/19/2016 Exploit Author: Joey Lane Version: 3.0.42.0 Tested on: Windows 7 Professional The Lenovo ThinkVantage Communications...
Lenovo ThinkVantage Communications Utility 3.0.42.0 - Unquoted Service Path Privilege Escalation
Lenovo ThinkVantage Communications Utility 3.0.42.0 - Unquoted Service Path Privilege Escalation Exploit Title: Lenovo ThinkVantage Communications Utility - Unquoted Service Path Privilege Escalation Date: 10/19/2016 Exploit Author: Joey Lane Version: 3.0.42.0 Tested on: Windows 7 Professional Th...
Lenovo ThinkVantage Communications Utility 3.0.42.0 - Unquoted Service Path Privilege Escalation
Exploit Title: Lenovo ThinkVantage Communications Utility - Unquoted Service Path Privilege Escalation Date: 10/19/2016 Exploit Author: Joey Lane Version: 3.0.42.0 Tested on: Windows 7 Professional The Lenovo ThinkVantage Communications Utility installs 2 services with unquoted service paths. Thi...
Access Connections Privilege Escalation
Lenovo Security Advisory: LEN-2015-033 Potential Impact: Escalation of Privileges Severity: High Summary: ThinkVantage Access Connections contains a vulnerability that may allow a local user to escalate their privilege level. Description: This vulnerability can be exploited by a user with local...
Access Connections Privilege Escalation - Lenovo Support US
No description provided...
联想 ThinkVantage System Update 软件 UNCServer.exe 后门漏洞
文章作者: DannyWei@腾讯玄武实验室 参考来源: http://drops.wooyun.org/papers/10231 原文标题: 一个PC上的 "WormHole" 漏洞 前言 --- 最近安全界关注的焦点 WormHole 是一类不安全的开发习惯所导致的,在 PC 上类似问题也毫不罕见,只不过很多风险被微软默认自带的防火墙缓解了。希望本文和众多关于 WormHole 的讨论能获多或少地提高一些开发人员的安全意识。 下面要介绍的问题可导致的后果和 WormHole 非常类似:影响上亿用户、访问一个端口发送一条指令就可以让目标系统下载一个程序并执行。...
CVE-2015-2233
Lenovo System Update (before 5.06.0034) is affected by CVE-2015-2233 due to improper validation of CA chains during signature validation. This allows a man-in-the-middle with a crafted certificate to upload and execute arbitrary files. Affected software is Lenovo System Update prior to 5.06.0034,...
CVE-2007-5559
Heap-based buffer overflow in the IBM ThinkVantage TPM Service allows remote attackers to execute arbitrary code via a crafted HTTP packet. NOTE: as of 20071016, the only disclosure is a vague pre-advisory with no actionable information. However, since it is from a well-known researcher, it is...
Heap overflow
Heap-based buffer overflow in the IBM ThinkVantage TPM Service allows remote attackers to execute arbitrary code via a crafted HTTP packet. NOTE: as of 20071016, the only disclosure is a vague pre-advisory with no actionable information. However, since it is from a well-known researcher, it is...
CVE-2007-5559
CVE-2007-5559 affects the IBM ThinkVantage TPM Service and is a heap-based buffer overflow that could allow remote attackers to execute arbitrary code via a crafted HTTP packet. The description indicates the disclosure was vague as of 2007-10-16, but the vulnerability is tracked across multiple f...
CVE-2007-5559
Heap-based buffer overflow in the IBM ThinkVantage TPM Service allows remote attackers to execute arbitrary code via a crafted HTTP packet. NOTE: as of 20071016, the only disclosure is a vague pre-advisory with no actionable information. However, since it is from a well-known researcher, it is...