CVE-2008-4540
https://notcve.org/view.php?id=CVE-2008-4540
Windows Mobile 6 on the HTC Hermes device makes WLAN passwords available to an auto-completion mechanism for the password input field, which allows physically proximate attackers to bypass password authentication and obtain WLAN access. Windows Mobile 6 en dispositivos HTC Hermes deja activado el mecanismo de auto-completado de las contraseñas de la WLAN, lo cual permite a atacantes físicamente próximos al dispositivo evitar la autenticación de la contraseña y obtener acceso a la WLAN. • http://securityreason.com/securityalert/4402 http://www.securityfocus.com/archive/1/497151/100/0/threaded https://exchange.xforce.ibmcloud.com/vulnerabilities/45857 • CWE-255: Credentials Management Errors •
CVE-2008-4295 – Microsoft Windows Mobile 6.0 - Device Long Name Remote Reboot (Denial of Service)
https://notcve.org/view.php?id=CVE-2008-4295
Microsoft Windows Mobile 6.0 on HTC Wiza 200 and HTC MDA 8125 devices does not properly handle the first attempt to establish a Bluetooth connection to a peer with a long name, which allows remote attackers to cause a denial of service (device reboot) by configuring a Bluetooth device with a long hci name and (1) connecting directly to the Windows Mobile system or (2) waiting for the Windows Mobile system to scan for nearby devices. Microsoft Windows Mobile 6.0 en dispositivos HTC Wiza 200 y HTC MDA 8125 no trata adecuadamente el primer intento de establecer la conexión Bluetooth a un punto con un nombre largo, lo cual permite a atacantes remotos causar denegación de servicio (reinicio de dispositivo) por la configuración de un dispositivo Bluetooth con un nombre hci largo y (1) conexión directamente al sistema Windows Mobile o (2) esperar para escanear dispositivos cercanos del sistema Windows Mobile. • https://www.exploit-db.com/exploits/6582 http://secunia.com/advisories/32066 http://www.securityfocus.com/bid/31420 https://exchange.xforce.ibmcloud.com/vulnerabilities/45463 • CWE-20: Improper Input Validation •
CVE-2007-0685
https://notcve.org/view.php?id=CVE-2007-0685
Internet Explorer on Windows Mobile 5.0 and Windows Mobile 2003 and 2003SE for Smartphones and PocketPC allows attackers to cause a denial of service (application crash and device instability) via unspecified vectors, possibly related to a buffer overflow. Internet Explorer en Windows Mobile 5.0 y Windows Mobile 2003 y 2003SE para Smartphones y PocketPC permite a atacantes remotos provocar una denegación de servicio (caída de aplicación e inestabilidad de dispositivo) mediante vectores desconocidos, posiblemente referido a desbordamiento de búfer. • http://blog.trendmicro.com/trend-micro-finds-more-windows-mobile-flaws http://osvdb.org/36149 http://www.securityfocus.com/bid/22343 http://www.vupen.com/english/advisories/2007/0434 https://exchange.xforce.ibmcloud.com/vulnerabilities/32001 •
CVE-2007-0674
https://notcve.org/view.php?id=CVE-2007-0674
Pictures and Videos on Windows Mobile 5.0 and Windows Mobile 2003 and 2003SE for Smartphones and PocketPC allows user-assisted remote attackers to cause a denial of service (device hang) via a malformed JPEG file. Imágenes y Videos en el Windows Mobile 5.0 y Windows Mobile 2003 y 2003SE para Smartphones y PocketPC permite a atacantes remotos con la intervención del usuario provocar una denegación de servicio (cuelgue del dispositivo) mediante un fichero JPEG mal formado. • http://blog.trendmicro.com/trend-micro-finds-more-windows-mobile-flaws http://osvdb.org/36148 http://www.securityfocus.com/bid/22343 http://www.vupen.com/english/advisories/2007/0434 https://exchange.xforce.ibmcloud.com/vulnerabilities/32002 •
CVE-2004-0839
https://notcve.org/view.php?id=CVE-2004-0839
Internet Explorer in Windows XP SP2, and other versions including 5.01 and 5.5, allows remote attackers to install arbitrary programs via a web page that uses certain styles and the AnchorClick behavior, popup windows, and drag-and-drop capabilities to drop the program in the local startup folder, as demonstrated by "wottapoop.html". • http://marc.info/?l=bugtraq&m=109303291513335&w=2 http://marc.info/?l=bugtraq&m=109336221826652&w=2 http://seclists.org/lists/fulldisclosure/2004/Aug/0868.html http://www.kb.cert.org/vuls/id/526089 http://www.securityfocus.com/bid/10973 http://www.us-cert.gov/cas/techalerts/TA04-293A.html https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-038 https://exchange.xforce.ibmcloud.com/vulnerabilities/17044 https://oval.cisecurity.org/repository/search •