Vulnerabilities > Nokia

DATE CVE VULNERABILITY TITLE RISK
2011-01-20 CVE-2011-0498 Buffer Errors vulnerability in Nokia Multimedia Player 1.00.55.5010
Stack-based buffer overflow in Nokia Multimedia Player 1.00.55.5010, and possibly other versions, allows user-assisted remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long entry in a playlist (.npl) file.
network
nokia CWE-119
critical
9.3
2010-12-16 CVE-2010-4549 Permissions, Privileges, and Access Controls vulnerability in IBM Lotus Notes Traveler
IBM Lotus Notes Traveler before 8.5.1.3 on the Nokia s60 device successfully performs a Replace Data operation for a prohibited application, which allows remote authenticated users to bypass intended access restrictions via this operation.
network
low complexity
ibm nokia CWE-264
4.0
2010-10-04 CVE-2010-3374 Unspecified vulnerability in Nokia QT Creator
Qt Creator before 2.0.1 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
local
nokia
6.9
2010-08-02 CVE-2009-4975 Cross-Site Scripting vulnerability in Nokia Qtdemobrowser
Cross-site scripting (XSS) vulnerability in webview.cpp in QtDemoBrowser allows remote attackers to inject arbitrary web script or HTML via a URL associated with a nonexistent domain name, related to a "universal XSS" issue, a similar vulnerability to CVE-2010-2536.
network
nokia CWE-79
4.3
2009-07-20 CVE-2009-2538 Resource Management Errors vulnerability in Nokia N810 Internet Tablet, N82 and Symbian
The Nokia N95 running Symbian OS 9.2, N82, and N810 Internet Tablet allow remote attackers to cause a denial of service (memory consumption) via a large integer value for the length property of a Select object, a related issue to CVE-2009-1692.
network
nokia CWE-399
7.1
2009-02-25 CVE-2009-0734 Buffer Errors vulnerability in Nokia PC Suite 6.86.9.3
Heap-based buffer overflow in MultimediaPlayer.exe 6.86.240.7 in Nokia PC Suite 6.86.9.3 allows remote attackers to execute arbitrary code via a long string in a .m3u playlist file.
network
nokia CWE-119
critical
9.3
2009-02-20 CVE-2009-0649 Denial of Service vulnerability in Nokia N95 'setAttributeNode()'
The web browser in Symbian OS on the Nokia N95 cell phone allows remote attackers to cause a denial of service (crash) via JavaScript code that calls the setAttributeNode method.
network
low complexity
nokia
7.8
2009-01-02 CVE-2008-5827 Configuration vulnerability in Nokia 6131 NFC 05.12
The Nokia 6131 Near Field Communication (NFC) phone with 05.12 firmware automatically installs software upon completing the download of a JAR file, which makes it easier for remote attackers to execute arbitrary code via a crafted URI record in an NDEF tag.
network
low complexity
nokia CWE-16
7.5
2009-01-02 CVE-2008-5826 Improper Input Validation vulnerability in Nokia 6131 NFC 05.12
The Nokia 6131 Near Field Communication (NFC) phone with 05.12 firmware allows remote attackers to cause a denial of service (device crash) via (1) a large value in the payload length field in an NDEF record, or a certain length for a (2) tel: or (3) sms: NDEF URI.
network
low complexity
nokia CWE-20
7.8
2009-01-02 CVE-2008-5825 Link Following vulnerability in Nokia 6131 NFC 05.12
The SmartPoster implementation on the Nokia 6131 Near Field Communication (NFC) phone with 05.12 firmware does not properly display the URI record when the Title record contains a certain combination of space, CR (aka \r), and .
network
high complexity
nokia CWE-59
2.6