Search criteria
9 vulnerabilities by palm
CVE-2007-4213 (GCVE-0-2007-4213)
Vulnerability from cvelistv5 – Published: 2007-08-21 17:00 – Updated: 2024-08-07 14:46
VLAI?
Summary
Palm OS on Treo 650, 680, 700p, and 755p Smart phones allows remote attackers to cause a denial of service (device reset or hang) via a flood of large ICMP echo requests. NOTE: this is probably a different vulnerability than CVE-2003-0293.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T14:46:39.373Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20070817 SYMSA-2007-007: Palm OS Treo Smartphone Denial of Service",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/477128/100/0/threaded"
},
{
"name": "3034",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/3034"
},
{
"name": "20070821 Re: RE: SYMSA-2007-007: Palm OS Treo Smartphone Denial of Service",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/477346/100/0/threaded"
},
{
"name": "palmos-treo-icmp-dos(36124)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36124"
},
{
"name": "20070820 Re: SYMSA-2007-007: Palm OS Treo Smartphone Denial of Service",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/477169/100/0/threaded"
},
{
"name": "20070820 RE: SYMSA-2007-007: Palm OS Treo Smartphone Denial of Service",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/477235/100/0/threaded"
},
{
"name": "25074",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/25074"
},
{
"name": "20070821 Re: SYMSA-2007-007: Palm OS Treo Smartphone Denial of Service",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/477350/100/0/threaded"
},
{
"name": "20070821 Re: Re: SYMSA-2007-007: Palm OS Treo Smartphone Denial of Service",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/477231/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.symantec.com/content/en/us/enterprise/research/SYMSA-2007-007.txt"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-08-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Palm OS on Treo 650, 680, 700p, and 755p Smart phones allows remote attackers to cause a denial of service (device reset or hang) via a flood of large ICMP echo requests. NOTE: this is probably a different vulnerability than CVE-2003-0293."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20070817 SYMSA-2007-007: Palm OS Treo Smartphone Denial of Service",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/477128/100/0/threaded"
},
{
"name": "3034",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/3034"
},
{
"name": "20070821 Re: RE: SYMSA-2007-007: Palm OS Treo Smartphone Denial of Service",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/477346/100/0/threaded"
},
{
"name": "palmos-treo-icmp-dos(36124)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36124"
},
{
"name": "20070820 Re: SYMSA-2007-007: Palm OS Treo Smartphone Denial of Service",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/477169/100/0/threaded"
},
{
"name": "20070820 RE: SYMSA-2007-007: Palm OS Treo Smartphone Denial of Service",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/477235/100/0/threaded"
},
{
"name": "25074",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/25074"
},
{
"name": "20070821 Re: SYMSA-2007-007: Palm OS Treo Smartphone Denial of Service",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/477350/100/0/threaded"
},
{
"name": "20070821 Re: Re: SYMSA-2007-007: Palm OS Treo Smartphone Denial of Service",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/477231/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.symantec.com/content/en/us/enterprise/research/SYMSA-2007-007.txt"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-4213",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Palm OS on Treo 650, 680, 700p, and 755p Smart phones allows remote attackers to cause a denial of service (device reset or hang) via a flood of large ICMP echo requests. NOTE: this is probably a different vulnerability than CVE-2003-0293."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20070817 SYMSA-2007-007: Palm OS Treo Smartphone Denial of Service",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/477128/100/0/threaded"
},
{
"name": "3034",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3034"
},
{
"name": "20070821 Re: RE: SYMSA-2007-007: Palm OS Treo Smartphone Denial of Service",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/477346/100/0/threaded"
},
{
"name": "palmos-treo-icmp-dos(36124)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36124"
},
{
"name": "20070820 Re: SYMSA-2007-007: Palm OS Treo Smartphone Denial of Service",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/477169/100/0/threaded"
},
{
"name": "20070820 RE: SYMSA-2007-007: Palm OS Treo Smartphone Denial of Service",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/477235/100/0/threaded"
},
{
"name": "25074",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25074"
},
{
"name": "20070821 Re: SYMSA-2007-007: Palm OS Treo Smartphone Denial of Service",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/477350/100/0/threaded"
},
{
"name": "20070821 Re: Re: SYMSA-2007-007: Palm OS Treo Smartphone Denial of Service",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/477231/100/0/threaded"
},
{
"name": "http://www.symantec.com/content/en/us/enterprise/research/SYMSA-2007-007.txt",
"refsource": "MISC",
"url": "http://www.symantec.com/content/en/us/enterprise/research/SYMSA-2007-007.txt"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-4213",
"datePublished": "2007-08-21T17:00:00",
"dateReserved": "2007-08-08T00:00:00",
"dateUpdated": "2024-08-07T14:46:39.373Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-0859 (GCVE-0-2007-0859)
Vulnerability from cvelistv5 – Published: 2007-02-16 00:00 – Updated: 2024-08-07 12:34
VLAI?
Summary
The Find feature in Palm OS Treo smart phones operates despite the system password lock, which allows attackers with physical access to obtain sensitive information (memory contents) by doing (1) text searches or (2) paste operations after pressing certain keyboard shortcut keys.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:34:21.327Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20070222 Re: SYMSA-2007-002: Palm OS Treo Find Feature System Password Bypass",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/460908/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.symantec.com/enterprise/research/SYMSA-2007-002.txt"
},
{
"name": "20070222 SYMSA-2007-002-1: Palm OS Treo Find Feature System Password Bypass",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/460901/100/0/threaded"
},
{
"name": "33724",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/33724"
},
{
"name": "20070222 RE: SYMSA-2007-002: Palm OS Treo Find Feature System Password Bypass",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/460954/100/0/threaded"
},
{
"name": "20070222 Re: Re: SYMSA-2007-002: Palm OS Treo Find Feature System Password Bypass",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/460911/100/0/threaded"
},
{
"name": "palmos-findfeature-security-bypass(32502)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32502"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://discussion.treocentral.com/showthread.php?p=1199445\u0026posted=1#post1199445"
},
{
"name": "22468",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/22468"
},
{
"name": "20070216 Re: SYMSA-2007-002: Palm OS Treo Find Feature System Password Bypass",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/460328/100/0/threaded"
},
{
"name": "2260",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/2260"
},
{
"name": "20070213 SYMSA-2007-002: Palm OS Treo Find Feature System Password Bypass",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/460059/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-02-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Find feature in Palm OS Treo smart phones operates despite the system password lock, which allows attackers with physical access to obtain sensitive information (memory contents) by doing (1) text searches or (2) paste operations after pressing certain keyboard shortcut keys."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20070222 Re: SYMSA-2007-002: Palm OS Treo Find Feature System Password Bypass",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/460908/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.symantec.com/enterprise/research/SYMSA-2007-002.txt"
},
{
"name": "20070222 SYMSA-2007-002-1: Palm OS Treo Find Feature System Password Bypass",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/460901/100/0/threaded"
},
{
"name": "33724",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/33724"
},
{
"name": "20070222 RE: SYMSA-2007-002: Palm OS Treo Find Feature System Password Bypass",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/460954/100/0/threaded"
},
{
"name": "20070222 Re: Re: SYMSA-2007-002: Palm OS Treo Find Feature System Password Bypass",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/460911/100/0/threaded"
},
{
"name": "palmos-findfeature-security-bypass(32502)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32502"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://discussion.treocentral.com/showthread.php?p=1199445\u0026posted=1#post1199445"
},
{
"name": "22468",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/22468"
},
{
"name": "20070216 Re: SYMSA-2007-002: Palm OS Treo Find Feature System Password Bypass",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/460328/100/0/threaded"
},
{
"name": "2260",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/2260"
},
{
"name": "20070213 SYMSA-2007-002: Palm OS Treo Find Feature System Password Bypass",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/460059/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-0859",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Find feature in Palm OS Treo smart phones operates despite the system password lock, which allows attackers with physical access to obtain sensitive information (memory contents) by doing (1) text searches or (2) paste operations after pressing certain keyboard shortcut keys."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20070222 Re: SYMSA-2007-002: Palm OS Treo Find Feature System Password Bypass",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/460908/100/0/threaded"
},
{
"name": "http://www.symantec.com/enterprise/research/SYMSA-2007-002.txt",
"refsource": "MISC",
"url": "http://www.symantec.com/enterprise/research/SYMSA-2007-002.txt"
},
{
"name": "20070222 SYMSA-2007-002-1: Palm OS Treo Find Feature System Password Bypass",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/460901/100/0/threaded"
},
{
"name": "33724",
"refsource": "OSVDB",
"url": "http://osvdb.org/33724"
},
{
"name": "20070222 RE: SYMSA-2007-002: Palm OS Treo Find Feature System Password Bypass",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/460954/100/0/threaded"
},
{
"name": "20070222 Re: Re: SYMSA-2007-002: Palm OS Treo Find Feature System Password Bypass",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/460911/100/0/threaded"
},
{
"name": "palmos-findfeature-security-bypass(32502)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32502"
},
{
"name": "http://discussion.treocentral.com/showthread.php?p=1199445\u0026posted=1#post1199445",
"refsource": "MISC",
"url": "http://discussion.treocentral.com/showthread.php?p=1199445\u0026posted=1#post1199445"
},
{
"name": "22468",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22468"
},
{
"name": "20070216 Re: SYMSA-2007-002: Palm OS Treo Find Feature System Password Bypass",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/460328/100/0/threaded"
},
{
"name": "2260",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2260"
},
{
"name": "20070213 SYMSA-2007-002: Palm OS Treo Find Feature System Password Bypass",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/460059/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-0859",
"datePublished": "2007-02-16T00:00:00",
"dateReserved": "2007-02-08T00:00:00",
"dateUpdated": "2024-08-07T12:34:21.327Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-6286 (GCVE-0-2006-6286)
Vulnerability from cvelistv5 – Published: 2006-12-04 11:00 – Updated: 2024-08-07 20:19
VLAI?
Summary
Palm Desktop 4.1.4 and earlier stores user data with weak permissions under the application directory, which allows local users to obtain sensitive information (address books, calendar files, and todo lists of other users) via unspecified vectors. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T20:19:35.208Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "palmdesktop-files-insecure-permission(30657)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30657"
},
{
"name": "23072",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23072"
},
{
"name": "ADV-2006-4803",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/4803"
},
{
"name": "21382",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/21382/info"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-12-01T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Palm Desktop 4.1.4 and earlier stores user data with weak permissions under the application directory, which allows local users to obtain sensitive information (address books, calendar files, and todo lists of other users) via unspecified vectors. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "palmdesktop-files-insecure-permission(30657)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30657"
},
{
"name": "23072",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23072"
},
{
"name": "ADV-2006-4803",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/4803"
},
{
"name": "21382",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/21382/info"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-6286",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Palm Desktop 4.1.4 and earlier stores user data with weak permissions under the application directory, which allows local users to obtain sensitive information (address books, calendar files, and todo lists of other users) via unspecified vectors. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "palmdesktop-files-insecure-permission(30657)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30657"
},
{
"name": "23072",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23072"
},
{
"name": "ADV-2006-4803",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4803"
},
{
"name": "21382",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/21382/info"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-6286",
"datePublished": "2006-12-04T11:00:00",
"dateReserved": "2006-12-04T00:00:00",
"dateUpdated": "2024-08-07T20:19:35.208Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2001-1438 (GCVE-0-2001-1438)
Vulnerability from cvelistv5 – Published: 2005-04-21 04:00 – Updated: 2024-08-08 04:58
VLAI?
Summary
Handspring Visor 1.0 and 1.0.1 with the VisorPhone Springboard module installed allows remote attackers to cause a denial of service (PalmOS crash and VisorPhone database corruption) by sending a large or crafted SMS image.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T04:58:11.203Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20011022 PalmOS crashes receiving SMS images using Handspring VisorPhone",
"tags": [
"mailing-list",
"x_refsource_VULN-DEV",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/82/222110"
},
{
"name": "VU#222739",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/222739"
},
{
"name": "handspring-visor-sms-dos(10637)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10637"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2001-10-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Handspring Visor 1.0 and 1.0.1 with the VisorPhone Springboard module installed allows remote attackers to cause a denial of service (PalmOS crash and VisorPhone database corruption) by sending a large or crafted SMS image."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20011022 PalmOS crashes receiving SMS images using Handspring VisorPhone",
"tags": [
"mailing-list",
"x_refsource_VULN-DEV"
],
"url": "http://www.securityfocus.com/archive/82/222110"
},
{
"name": "VU#222739",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/222739"
},
{
"name": "handspring-visor-sms-dos(10637)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10637"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2001-1438",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Handspring Visor 1.0 and 1.0.1 with the VisorPhone Springboard module installed allows remote attackers to cause a denial of service (PalmOS crash and VisorPhone database corruption) by sending a large or crafted SMS image."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20011022 PalmOS crashes receiving SMS images using Handspring VisorPhone",
"refsource": "VULN-DEV",
"url": "http://www.securityfocus.com/archive/82/222110"
},
{
"name": "VU#222739",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/222739"
},
{
"name": "handspring-visor-sms-dos(10637)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10637"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2001-1438",
"datePublished": "2005-04-21T04:00:00",
"dateReserved": "2005-04-21T00:00:00",
"dateUpdated": "2024-08-08T04:58:11.203Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2003-0293 (GCVE-0-2003-0293)
Vulnerability from cvelistv5 – Published: 2003-05-15 04:00 – Updated: 2024-08-08 01:50
VLAI?
Summary
PalmOS allows remote attackers to cause a denial of service (CPU consumption) via a flood of ICMP echo request (ping) packets.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T01:50:47.089Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20030514 PalmOS ICMP flood DoS.",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=105293128612131\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2003-05-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "PalmOS allows remote attackers to cause a denial of service (CPU consumption) via a flood of ICMP echo request (ping) packets."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-10-17T13:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20030514 PalmOS ICMP flood DoS.",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=105293128612131\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-0293",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "PalmOS allows remote attackers to cause a denial of service (CPU consumption) via a flood of ICMP echo request (ping) packets."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20030514 PalmOS ICMP flood DoS.",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=105293128612131\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-0293",
"datePublished": "2003-05-15T04:00:00",
"dateReserved": "2003-05-14T00:00:00",
"dateUpdated": "2024-08-08T01:50:47.089Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-0120 (GCVE-0-2002-0120)
Vulnerability from cvelistv5 – Published: 2003-04-02 05:00 – Updated: 2024-08-08 02:35
VLAI?
Summary
Apple Palm Desktop 4.0b76 and 4.0b77 creates world-readable backup files and folders when a hotsync is performed, which could allow a local user to obtain sensitive information.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:35:17.559Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20020112 Palm Desktop 4.0b76-77 for Mac OS X",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://online.securityfocus.com/archive/1/250093"
},
{
"name": "3863",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/3863"
},
{
"name": "palm-macos-backup-permissions(7937)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/7937.php"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-01-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Apple Palm Desktop 4.0b76 and 4.0b77 creates world-readable backup files and folders when a hotsync is performed, which could allow a local user to obtain sensitive information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2002-03-22T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20020112 Palm Desktop 4.0b76-77 for Mac OS X",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://online.securityfocus.com/archive/1/250093"
},
{
"name": "3863",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/3863"
},
{
"name": "palm-macos-backup-permissions(7937)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/7937.php"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-0120",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Apple Palm Desktop 4.0b76 and 4.0b77 creates world-readable backup files and folders when a hotsync is performed, which could allow a local user to obtain sensitive information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20020112 Palm Desktop 4.0b76-77 for Mac OS X",
"refsource": "BUGTRAQ",
"url": "http://online.securityfocus.com/archive/1/250093"
},
{
"name": "3863",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/3863"
},
{
"name": "palm-macos-backup-permissions(7937)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/7937.php"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-0120",
"datePublished": "2003-04-02T05:00:00",
"dateReserved": "2002-03-15T00:00:00",
"dateUpdated": "2024-08-08T02:35:17.559Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-0116 (GCVE-0-2002-0116)
Vulnerability from cvelistv5 – Published: 2002-03-15 05:00 – Updated: 2024-08-08 02:35
VLAI?
Summary
Palm OS 3.5h and possibly other versions, as used in Handspring Visor and Xircom products, allows remote attackers to cause a denial of service via a TCP connect scan, e.g. from nmap.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:35:17.591Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20020110 Re: Handspring Visor D.O.S",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=101070523119956\u0026w=2"
},
{
"name": "palmos-nmap-dos(7865)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/7865.php"
},
{
"name": "3847",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/3847"
},
{
"name": "20020110 Handspring Visor D.O.S",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=101069677929208\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-01-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Palm OS 3.5h and possibly other versions, as used in Handspring Visor and Xircom products, allows remote attackers to cause a denial of service via a TCP connect scan, e.g. from nmap."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-10-17T13:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20020110 Re: Handspring Visor D.O.S",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=101070523119956\u0026w=2"
},
{
"name": "palmos-nmap-dos(7865)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/7865.php"
},
{
"name": "3847",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/3847"
},
{
"name": "20020110 Handspring Visor D.O.S",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=101069677929208\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-0116",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Palm OS 3.5h and possibly other versions, as used in Handspring Visor and Xircom products, allows remote attackers to cause a denial of service via a TCP connect scan, e.g. from nmap."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20020110 Re: Handspring Visor D.O.S",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=101070523119956\u0026w=2"
},
{
"name": "palmos-nmap-dos(7865)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/7865.php"
},
{
"name": "3847",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/3847"
},
{
"name": "20020110 Handspring Visor D.O.S",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=101069677929208\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-0116",
"datePublished": "2002-03-15T05:00:00",
"dateReserved": "2002-03-15T00:00:00",
"dateUpdated": "2024-08-08T02:35:17.591Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2001-0157 (GCVE-0-2001-0157)
Vulnerability from cvelistv5 – Published: 2001-05-07 04:00 – Updated: 2024-08-08 04:06
VLAI?
Summary
Debugging utility in the backdoor mode of Palm OS 3.5.2 and earlier allows attackers with physical access to a Palm device to bypass access restrictions and obtain passwords, even if the system lockout mechanism is enabled.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T04:06:55.445Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "palm-debug-bypass-password(6196)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6196"
},
{
"name": "A030101-1",
"tags": [
"vendor-advisory",
"x_refsource_ATSTAKE",
"x_transferred"
],
"url": "http://www.atstake.com/research/advisories/2001/a030101-1.txt"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2001-03-01T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Debugging utility in the backdoor mode of Palm OS 3.5.2 and earlier allows attackers with physical access to a Palm device to bypass access restrictions and obtain passwords, even if the system lockout mechanism is enabled."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-11-02T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "palm-debug-bypass-password(6196)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6196"
},
{
"name": "A030101-1",
"tags": [
"vendor-advisory",
"x_refsource_ATSTAKE"
],
"url": "http://www.atstake.com/research/advisories/2001/a030101-1.txt"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2001-0157",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Debugging utility in the backdoor mode of Palm OS 3.5.2 and earlier allows attackers with physical access to a Palm device to bypass access restrictions and obtain passwords, even if the system lockout mechanism is enabled."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "palm-debug-bypass-password(6196)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6196"
},
{
"name": "A030101-1",
"refsource": "ATSTAKE",
"url": "http://www.atstake.com/research/advisories/2001/a030101-1.txt"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2001-0157",
"datePublished": "2001-05-07T04:00:00",
"dateReserved": "2001-03-01T00:00:00",
"dateUpdated": "2024-08-08T04:06:55.445Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2000-1008 (GCVE-0-2000-1008)
Vulnerability from cvelistv5 – Published: 2000-11-29 05:00 – Updated: 2024-08-08 05:37
VLAI?
Summary
PalmOS 3.5.2 and earlier uses weak encryption to store the user password, which allows attackers with physical access to the Palm device to decrypt the password and gain access to the device.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T05:37:32.199Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1715",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/1715"
},
{
"name": "A092600-1",
"tags": [
"vendor-advisory",
"x_refsource_ATSTAKE",
"x_transferred"
],
"url": "http://www.atstake.com/research/advisories/2000/a092600-1.txt"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2000-09-26T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "PalmOS 3.5.2 and earlier uses weak encryption to store the user password, which allows attackers with physical access to the Palm device to decrypt the password and gain access to the device."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2003-05-08T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1715",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/1715"
},
{
"name": "A092600-1",
"tags": [
"vendor-advisory",
"x_refsource_ATSTAKE"
],
"url": "http://www.atstake.com/research/advisories/2000/a092600-1.txt"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-1008",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "PalmOS 3.5.2 and earlier uses weak encryption to store the user password, which allows attackers with physical access to the Palm device to decrypt the password and gain access to the device."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1715",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1715"
},
{
"name": "A092600-1",
"refsource": "ATSTAKE",
"url": "http://www.atstake.com/research/advisories/2000/a092600-1.txt"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2000-1008",
"datePublished": "2000-11-29T05:00:00",
"dateReserved": "2000-11-24T00:00:00",
"dateUpdated": "2024-08-08T05:37:32.199Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}