Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-5827

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2008-5827
Last Modified 18 Mar 2009 01:46:51
Published 02 Jan 2009 02:30:01
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-5827

Summary

The Nokia 6131 Near Field Communication (NFC) phone with 05.12 firmware automatically installs software upon completing the download of a JAR file, which makes it easier for remote attackers to execute arbitrary code via a crafted URI record in an NDEF tag.

Vulnerable Systems


References

XF - nokia-6131-ndef-recordparser-dos(44528)

MISC - http://www.mulliner.org/nfc/feed/collin_mulliner_eusecwest08_attacking_nfc_phones.pdf

MISC - http://www.mulliner.org/nfc/feed/collin_mulliner_25c3_attacking_nfc_phones.pdf

MISC - http://events.ccc.de/congress/2008/Fahrplan/events/2639.en.html

MISC - http://events.ccc.de/congress/2008/Fahrplan/attachments/1109_collin_mulliner_eusecwest08_attacking_nfc_phones_slim.pdf


Last Updated: 27 May 2016 10:48:56