Lucene search

[email protected]CVE-2007-5493

HistoryOct 18, 2007 - 12:17 a.m.

CVE-2007-5493

2007-10-1800:17:00

CWE-264

[email protected]

web.nvd.nist.gov

cve-2007-5493

sms handler

windows mobile

pocket pc phone

vulnerability

wap push

pdu

nvd

6.7 Medium

AI Score

Confidence

Low

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.005 Low

EPSS

Percentile

75.6%

JSON

The SMS handler for Windows Mobile 2005 Pocket PC Phone edition allows attackers to hide the sender field of an SMS message via a malformed WAP PUSH message that causes the PDU to be incorrectly decoded.

CPENameOperatorVersion
microsoft:windows_mobilemicrosoft windows mobileeq2005

CPE	Name	Operator	Version
microsoft:windows_mobile	microsoft windows mobile	eq	2005

References

osvdb.org/45517

securitytracker.com/id?1018832

www.securityfocus.com/archive/1/482446/100/0/threaded

www.securityfocus.com/bid/26091

www.symantec.com/content/en/us/enterprise/research/SYMSA-2007-011.txt

exchange.xforce.ibmcloud.com/vulnerabilities/37249

6.7 Medium

AI Score

Confidence

Low

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.005 Low

EPSS

Percentile

75.6%

JSON

Related for CVE-2007-5493

prion1 seebug1 cvelist1 securityvulns1