HPSBMI02614 SSRT100344 rev.2 - HP webOS Contacts Application, Remote Execution of Arbitrary Code

2010-12-03T00:00:00
ID HP:C02639302
Type hp
Reporter HP Product Security Response Team
Modified 2017-07-26T00:00:00

Description

Potential Security Impact

Remote execution of arbitrary code

VULNERABILITY SUMMARY

A potential security vulnerability has been identified with HP webOS Contacts Application. This vulnerability could be exploited to execute arbitrary HTML or JavaScript.

RESOLUTION

The vulnerability can be resolved by updating affected devices to HP webOS version 2.0 or subsequent. This update will be provided automatically from the wireless carrier.

> note: > > Until the update is available, users are advised to not open untrusted vCard files received via emails or messages.