New User, Welcome!     Login

digital camera

Secunia Research: EasyHDR Pro Radiance RGBE Buffer Overflow

====================================================================== 
3) Vendor's Description of Software 

"EasyHDR is an image processing software that produces and tonemapps
High Dynamic Range images from photo sequences taken with a normal
digital camera".

Product Link:
http://easyhdr.com/

======================================================================

Airscanner Mobile Security Advisory #07122001: Eye-Fi Multiple Vulnerabilities

Medium - Spoofed image injection, redirection of uploaded content, 
remote DoS of Eye-Fi service.

Summary:
The Eye-Fi is an instant solution to add wireless upload capability to 
any digital camera that supports an SD card. In the version of software 
tested, the solution has numerous vulnerabilities that can allow 
unauthorized image uploades to a PC, remotely altering the destination 
folder, remote crashing of the Eye-Fi service, and more.

Details:

RE: Millions of PDF invisibly embedded with your internal disk paths

(It would be bad if that .pdf contained username/hostname, too; I
could imagine even timestamps being problematic.)

(And yes, similar problems are elsewhere. Exif contains way too much
information, if you try to leak pictures of bonsai kitten from digital
camera.)

                                                                       Pavel
--
(english) http://www.livejournal.com/~pavelmachek
(cesky, pictures)

Re: Millions of PDF invisibly embedded with your internal disk paths

(It would be bad if that .pdf contained username/hostname, too; I
could imagine even timestamps being problematic.)

(And yes, similar problems are elsewhere. Exif contains way too much
information, if you try to leak pictures of bonsai kitten from digital
camera.)

                                                                        Pavel
-- 
(english) http://www.livejournal.com/~pavelmachek
(cesky, pictures) http://atrey.karlin.mff.cuni.cz/~pavel/picture/horses/blog.html

CONFidence 2010, 25-26th May - Call For Participation

# Shawn Merdinger - "We Don’t Need No Stinkin’ Badges: Hacking Electronic Door Access Controllers"
# Yaniv Miron - "Microsoft Patch Analysis"
# Joseph Moti - "Don’t Touch My Winny"
# Cristofaro Mune - "(Too Much) Access Points – Exploitation Roundup"
# Chris Palmer - "Web browser PKI/SSL security policy weaknesses and a potential solution – research with the Electronic Frontier Foundation"
# Alexey Tikhonow - "De-blackboxing of digital camera"
# Zook Wilcox O’Hearn - "Tahoe-LAFS"

########## REGISTRATION ##########
We invite you to visit the CONFidence website:
http://confidence.org.pl/, whereas registration for the conference can

RE: Millions of PDF invisibly embedded with your internal disk paths

(It would be bad if that .pdf contained username/hostname, too; I
could imagine even timestamps being problematic.)

(And yes, similar problems are elsewhere. Exif contains way too much
information, if you try to leak pictures of bonsai kitten from digital
camera.)

                                                                       Pavel
--
(english) http://www.livejournal.com/~pavelmachek
(cesky, pictures) http://atrey.karlin.mff.cuni.cz/~pavel/picture/horses/blog.html


Copyright © 1995-2012 LinuxRocket.net. All rights reserved.

Nearly all of LinuxRocket's features are free. Be kind and donate to the cause!