CVE-2007-0859
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
AI Score
Confidence
Low
EPSS
Percentile
50.9%
The Find feature in Palm OS Treo smart phones operates despite the system password lock, which allows attackers with physical access to obtain sensitive information (memory contents) by doing (1) text searches or (2) paste operations after pressing certain keyboard shortcut keys.
Affected configurations
References
discussion.treocentral.com/showthread.php?p=1199445&posted=1#post1199445
osvdb.org/33724
securityreason.com/securityalert/2260
www.securityfocus.com/archive/1/460059/100/0/threaded
www.securityfocus.com/archive/1/460328/100/0/threaded
www.securityfocus.com/archive/1/460901/100/0/threaded
www.securityfocus.com/archive/1/460908/100/0/threaded
www.securityfocus.com/archive/1/460911/100/0/threaded
www.securityfocus.com/archive/1/460954/100/0/threaded
www.securityfocus.com/bid/22468
www.symantec.com/enterprise/research/SYMSA-2007-002.txt
exchange.xforce.ibmcloud.com/vulnerabilities/32502
Related
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
AI Score
Confidence
Low
EPSS
Percentile
50.9%