Vulnerabilities > CVE-2008-5827 - Configuration vulnerability in Nokia 6131 NFC 05.12
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
The Nokia 6131 Near Field Communication (NFC) phone with 05.12 firmware automatically installs software upon completing the download of a JAR file, which makes it easier for remote attackers to execute arbitrary code via a crafted URI record in an NDEF tag.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Hardware | 1 |
Common Weakness Enumeration (CWE)
References
- http://events.ccc.de/congress/2008/Fahrplan/attachments/1109_collin_mulliner_eusecwest08_attacking_nfc_phones_slim.pdf
- http://events.ccc.de/congress/2008/Fahrplan/events/2639.en.html
- http://www.mulliner.org/nfc/feed/collin_mulliner_25c3_attacking_nfc_phones.pdf
- http://www.mulliner.org/nfc/feed/collin_mulliner_eusecwest08_attacking_nfc_phones.pdf
- https://exchange.xforce.ibmcloud.com/vulnerabilities/44528