CVE-2006-6953

Published: Jan 29, 2007Modified: Apr 23, 2026

2.1

Vector

AV:L/AC:L/Au:N/C:P/I:N/A:N

Exploitability: 3.9 / Impact: 2.9

Source: NVD

Description

The virtual keyboard implementation in GlobeTrotter Mobility Manager changes the color of a key as it is pressed, which allows local users to capture arbitrary keystrokes, such as for passwords, by shoulder surfing or grabbing periodic screenshots.

Affected (1)

Products: Globetrotter: Mobility Manager

Globetrotter

1 product

Mobility Manager

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Globetrotter Mobility Manager	All versions

Related CWEs

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (6)

http://img45.imageshack.us/my.php?image=poc7ik.jpg

Source: cve@mitre.org

http://www.securityfocus.com/archive/1/438376/100/100/threaded

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/27447

Source: cve@mitre.org

http://img45.imageshack.us/my.php?image=poc7ik.jpg

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/archive/1/438376/100/100/threaded

Source: af854a3a-2127-422b-91ae-364da2661108

https://exchange.xforce.ibmcloud.com/vulnerabilities/27447

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.