CVSS: 4.3EPSS: 1%CPEs: 5EXPL: 1CVE-2007-2592
https://notcve.org/view.php?id=CVE-2007-2592
Multiple cross-site scripting (XSS) vulnerabilities in Nokia Intellisync Mobile Suite 6.4.31.2, 6.6.0.107, and 6.6.2.2, possibly involving Novell Groupwise Mobile Server and Nokia Intellisync Wireless Email Express, allow remote attackers to inject arbitrary web script or HTML via the (1) username parameter to de/pda/dev_logon.asp and (2) multiple unspecified vectors in (a) usrmgr/registerAccount.asp, (b) de/create_account.asp, and other files. Múltiples vulnerabilidades secuencias de comandos en sitios cruzados (XSS) en el Nokia Intellisync Mobile Suite 6.4.31.2, 6.6.0.107 y 6.6.2.2, posiblemente involucrando al Novell Groupwise Mobile Server y al Nokia Intellisync Wireless Email Express, permiten a atacantes remotos inyectar secuencias de comandos web o HTML de su elección a través del parámetro (1) username en el de/pda/dev_logon.asp y (2) múltiples vectores sin especificar en el (a) usrmgr/registerAccount.asp, (b) de/create_account.asp y otros archivos. • http://osvdb.org/34515 http://osvdb.org/34516 http://osvdb.org/34517 http://secunia.com/advisories/25212 http://secunia.com/advisories/26199 http://securityreason.com/securityalert/2689 http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5005120.html http://www.sec-consult.com/289.html http://www.securityfocus.com/archive/1/468048/100/0/threaded http://www.securityfocus.com/bid/23889 http://www.securitytracker.com/id?1018454 http://www.vupen.com/e •
CVSS: 3.3EPSS: 1%CPEs: 1EXPL: 0CVE-2007-0523
https://notcve.org/view.php?id=CVE-2007-0523
The Nokia N70 phone allows remote attackers to cause a denial of service (continual modal dialogs and UI unavailability) by repeatedly trying to OBEX push a file over Bluetooth, as demonstrated by ussp-push. El teléfono Nokia N70 permite a atacantes remotos provocar una denegación de servicio (diálogos modales continuos y no disponibilidad de interfaz de usuario) tratando repetidamente de enviar un fichero sobre Bluetooth mediante OBEX, como ha sido demostrado por ussp-push. • http://securityreason.com/securityalert/2180 http://www.securityfocus.com/archive/1/457768/100/0/threaded http://www.securityfocus.com/archive/1/457797/100/0/threaded • CWE-20: Improper Input Validation •
CVSS: 5.0EPSS: 6%CPEs: 1EXPL: 2CVE-2006-4464 – Nokia Symbian 60 3rd Edition - Browser Crash (Denial of Service)
https://notcve.org/view.php?id=CVE-2006-4464
The Nokia Browser, possibly Nokia Symbian 60 Browser 3rd edition, allows remote attackers to cause a denial of service (crash) via JavaScript that constructs a large Unicode string. El navegador de Nokia, posiblemente Nokia Symbian 60 Browser 3rd edition, permite a atacantes remotos provocar una denegación de servicio (caída) mediante JavaScript que construye una cadena Unicode larga. • https://www.exploit-db.com/exploits/2176 http://securityreason.com/securityalert/1485 http://www.securityfocus.com/archive/1/442990/100/200/threaded http://www.securityfocus.com/bid/19484 https://exchange.xforce.ibmcloud.com/vulnerabilities/28353 •
CVSS: 7.8EPSS: 14%CPEs: 1EXPL: 4CVE-2006-0797 – Nokia N70 - L2CAP Packets Remote Denial of Service
https://notcve.org/view.php?id=CVE-2006-0797
Nokia N70 cell phone allows remote attackers to cause a denial of service (reboot or shutdown) through a wireless Bluetooth connection via a malformed Logical Link Control and Adaptation Protocol (L2CAP) packet whose length field is less than the actual length of the packet, possibly triggering a buffer overflow, as demonstrated using the Bluetooth Stack Smasher (BSS). Teléfono movil Nokia N70 permite a atacantes remotos provocar una denegación de servicio (reinicio o apagado) a través de una conexión inalámbrica de Bluetooth a través de un paquete Logical Link Control and Adaptation Protocol (L2CAP) malformado cuya longitud de campo es menor que la longitud actual del paquete, desencadenando posiblemente un desbordamiento de búfer, como es demostrado mediante el uso del Bluetooth Stack Smasher (BSS). • https://www.exploit-db.com/exploits/27232 http://archives.neohapsis.com/archives/fulldisclosure/2006-02/0316.html http://secunia.com/advisories/18724 http://www.osvdb.org/23061 http://www.secuobs.com/news/15022006-nokia_n70.shtml#english http://www.securityfocus.com/bid/16666 http://www.vupen.com/english/advisories/2006/0538 https://exchange.xforce.ibmcloud.com/vulnerabilities/24688 •
CVSS: 5.0EPSS: 0%CPEs: 2EXPL: 0CVE-2005-3093
https://notcve.org/view.php?id=CVE-2005-3093
Nokia 7610 and 3210 phones allows attackers to cause a denial of service via certain characters in the filename of a Bluetooth OBEX transfer. • http://www.securityfocus.com/bid/14948 •