QwikSec

Security Database

CVE

CWE

Training

CVE-2011-0638

Published: Jan 25, 2011

Modified: Aug 6, 2024

PUBLISHED

Description

Microsoft Windows does not properly warn the user before enabling additional Human Interface Device (HID) functionality over USB, which allows user-assisted attackers to execute arbitrary programs via crafted USB data, as demonstrated by keyboard and mouse data sent by malware on a smartphone that the user connected to the computer.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

http://news.cnet.com/8301-27080_3-20028919-245.html

x_refsource_MISC

oval:org.mitre.oval:def:12566

vdb-entry

signature

x_refsource_OVAL

http://www.blackhat.com/html/bh-dc-11/bh-dc-11-briefings.html#Stavrou

x_refsource_MISC

http://www.cs.gmu.edu/~astavrou/publications.html

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.