Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-4540


Vulnerability Score 2.1 2.1
CVE Id CVE-2008-4540
Last Modified 29 Jan 2009 01:56:43
Published 13 Oct 2008 04:00:02
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE



Windows Mobile 6 on the HTC Hermes device makes WLAN passwords available to an auto-completion mechanism for the password input field, which allows physically proximate attackers to bypass password authentication and obtain WLAN access.

Vulnerable Systems

Operating System

  • Microsoft Windows Mobile 6.0


XF - windowsmobile-hermes-security-bypass(45857)

BUGTRAQ - 20081008 Windows Mobile 6 insecure password handling and too short WLAN-password

SREASON - 4402

Last Updated: 27 May 2016 10:48:32