Lucene search

[email protected]CVE-2008-3552

HistoryAug 08, 2008 - 7:41 p.m.

CVE-2008-3552

2008-08-0819:41:00

[email protected]

web.nvd.nist.gov

cve-2008-3552

nokia

series 40

3rd edition

fp1

remote code execution

midp privilege escalation

persistent midlets

security vulnerability

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

8.2 High

AI Score

Confidence

Low

0.115 Low

EPSS

Percentile

95.3%

JSON

Multiple unspecified vulnerabilities in Nokia Series 40 3rd edition FP1, and possibly later devices, allow remote attackers to execute arbitrary code via unknown vectors, probably related to MIDP privilege escalation and persistent MIDlets, aka “ISSUES 11-15.” NOTE: as of 20080807, the only disclosure is a vague pre-advisory with no actionable information. However, because it is from a company led by a well-known researcher, it is being assigned a CVE identifier for tracking purposes.

Affected configurations

NVD

Node

nokiaseries_403rd_editionfeature_pack_2

CPENameOperatorVersion
nokia:series_40nokia series 40eq*

CPE	Name	Operator	Version
nokia:series_40	nokia series 40	eq	*

References

www.security-explorations.com/n2press.htm

www.security-explorations.com/n2srp.htm

www.security-explorations.com/n2vendors.htm

www.security-explorations.com/report_toc.pdf

www.securityfocus.com/archive/1/495224/100/0/threaded

www.securityfocus.com/bid/30591

www.securityfocus.com/bid/30592

exchange.xforce.ibmcloud.com/vulnerabilities/44438

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

8.2 High

AI Score

Confidence

Low

0.115 Low

EPSS

Percentile

95.3%

JSON

Related for CVE-2008-3552

prion1 nvd1 cvelist1