Vulnerabilities > Nokia
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2008-09-19 | CVE-2008-4135 | Resource Management Errors vulnerability in S60 Symbian OS Unknown Symbian OS S60 3rd edition on the Nokia E90 Communicator 07.40.1.2 Ra-6 and Nseries N82 allows remote attackers to cause a denial of service (device crash) via multiple deauthentication (DeAuth) frames. | 7.8 |
2008-08-08 | CVE-2008-3553 | Permissions, Privileges, and Access Controls vulnerability in SUN J2Me Multiple unspecified vulnerabilities in Nokia Series 40 3rd edition devices allow remote attackers to execute arbitrary code via unknown vectors, probably related to MIDP privilege escalation and persistent MIDlets, aka "ISSUES 3-10." NOTE: as of 20080807, the only disclosure is a vague pre-advisory with no actionable information. | 10.0 |
2008-08-08 | CVE-2008-3552 | Security-Bypass vulnerability in Sun Java Micro Edition (ME) Multiple unspecified vulnerabilities in Nokia Series 40 3rd edition FP1, and possibly later devices, allow remote attackers to execute arbitrary code via unknown vectors, probably related to MIDP privilege escalation and persistent MIDlets, aka "ISSUES 11-15." NOTE: as of 20080807, the only disclosure is a vague pre-advisory with no actionable information. | 10.0 |
2007-12-15 | CVE-2007-6371 | Improper Input Validation vulnerability in Nokia N95 12.0.013 Nokia N95 cell phone with RM-159 12.0.013 firmware allows remote attackers to cause a denial of service (device inoperability) via a SIP INVITE message accompanied by an immediately subsequent SIP CANCEL message, followed by a second SIP INVITE message in a different session. | 7.1 |
2007-05-11 | CVE-2007-2592 | Multiple vulnerability in Nokia products Multiple cross-site scripting (XSS) vulnerabilities in Nokia Intellisync Mobile Suite 6.4.31.2, 6.6.0.107, and 6.6.2.2, possibly involving Novell Groupwise Mobile Server and Nokia Intellisync Wireless Email Express, allow remote attackers to inject arbitrary web script or HTML via the (1) username parameter to de/pda/dev_logon.asp and (2) multiple unspecified vectors in (a) usrmgr/registerAccount.asp, (b) de/create_account.asp, and other files. network nokia | 4.3 |
2007-05-11 | CVE-2007-2591 | Denial-Of-Service vulnerability in Nokia products usrmgr/userList.asp in Nokia Intellisync Mobile Suite 6.4.31.2, 6.6.0.107, and 6.6.2.2, possibly involving Novell Groupwise Mobile Server and Nokia Intellisync Wireless Email Express, allows remote attackers to modify user account details and cause a denial of service (account deactivation) via the userid parameter in an update action. | 7.5 |
2007-05-11 | CVE-2007-2590 | Information Exposure vulnerability in Nokia products Nokia Intellisync Mobile Suite 6.4.31.2, 6.6.0.107, and 6.6.2.2, possibly involving Novell Groupwise Mobile Server and Nokia Intellisync Wireless Email Express, allows remote attackers to obtain user names and other sensitive information via a direct request to (1) usrmgr/userList.asp or (2) usrmgr/userStatusList.asp. | 6.4 |
2007-01-26 | CVE-2007-0523 | Improper Input Validation vulnerability in Nokia N70 The Nokia N70 phone allows remote attackers to cause a denial of service (continual modal dialogs and UI unavailability) by repeatedly trying to OBEX push a file over Bluetooth, as demonstrated by ussp-push. | 3.3 |
2006-08-31 | CVE-2006-4464 | Denial of Service vulnerability in Nokia Symbian S60 The Nokia Browser, possibly Nokia Symbian 60 Browser 3rd edition, allows remote attackers to cause a denial of service (crash) via JavaScript that constructs a large Unicode string. | 5.0 |
2006-02-19 | CVE-2006-0797 | Remote Denial of Service vulnerability in Nokia N70 L2CAP Packets Nokia N70 cell phone allows remote attackers to cause a denial of service (reboot or shutdown) through a wireless Bluetooth connection via a malformed Logical Link Control and Adaptation Protocol (L2CAP) packet whose length field is less than the actual length of the packet, possibly triggering a buffer overflow, as demonstrated using the Bluetooth Stack Smasher (BSS). | 7.8 |