Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2009-0655

Overview

Vulnerability Score 6.9 6.9
CVE Id CVE-2009-0655
Last Modified 10 Sep 2009 12:00:00
Published 20 Feb 2009 02:30:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity MEDIUM
Authentication NONE

CVE-2009-0655

Summary

Lenovo Veriface III allows physically proximate attackers to login to a Windows account by presenting a "plain image" of the authorized user.

Vulnerable Systems

Application

  • Lenovo Veriface Iii


References

XF - lenovo-plainimage-unauth-access(48961)

BID - 32700

BUGTRAQ - 20081208 [SVRT-07-08] Vulnerability in Face Recognition Authentication Mechanism of Lenovo-Asus-Toshiba Laptops

MISC - http://www.blackhat.com/presentations/bh-dc-09/Nguyen/BlackHat-DC-09-Nguyen-Face-not-your-password.pdf

MISC - http://www.blackhat.com/html/bh-dc-09/bh-dc-09-archives.html#Nguyen

MISC - http://security.bkis.vn/?p=292


Last Updated: 27 May 2016 10:50:20