Vulnerabilities > CVE-2007-0859 - Information Disclosure vulnerability in Palm Treo 650/680/700P
Attack vector
LOCAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
NONE Availability impact
NONE Summary
The Find feature in Palm OS Treo smart phones operates despite the system password lock, which allows attackers with physical access to obtain sensitive information (memory contents) by doing (1) text searches or (2) paste operations after pressing certain keyboard shortcut keys.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Hardware | 3 |
References
- http://discussion.treocentral.com/showthread.php?p=1199445&posted=1#post1199445
- http://osvdb.org/33724
- http://securityreason.com/securityalert/2260
- http://www.securityfocus.com/archive/1/460059/100/0/threaded
- http://www.securityfocus.com/archive/1/460328/100/0/threaded
- http://www.securityfocus.com/archive/1/460901/100/0/threaded
- http://www.securityfocus.com/archive/1/460908/100/0/threaded
- http://www.securityfocus.com/archive/1/460911/100/0/threaded
- http://www.securityfocus.com/archive/1/460954/100/0/threaded
- http://www.securityfocus.com/bid/22468
- http://www.symantec.com/enterprise/research/SYMSA-2007-002.txt
- https://exchange.xforce.ibmcloud.com/vulnerabilities/32502