HPSBMI02614 SSRT100344 rev.2 - HP webOS Contacts Application, Remote Execution of Arbitrary Code

ID HP:C02639302
Type hp
Reporter HP Product Security Response Team
Modified 2017-07-26T00:00:00


Potential Security Impact

Remote execution of arbitrary code


A potential security vulnerability has been identified with HP webOS Contacts Application. This vulnerability could be exploited to execute arbitrary HTML or JavaScript.


The vulnerability can be resolved by updating affected devices to HP webOS version 2.0 or subsequent. This update will be provided automatically from the wireless carrier.

> note: > > Until the update is available, users are advised to not open untrusted vCard files received via emails or messages.