CVE-2007-0859

{"id": "CVE-2007-0859", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 2.1, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "LOW", "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2007-02-16T00:28:00.000", "references": [{"url": "http://discussion.treocentral.com/showthread.php?p=1199445&posted=1#post1199445", "source": "cve@mitre.org"}, {"url": "http://osvdb.org/33724", "source": "cve@mitre.org"}, {"url": "http://securityreason.com/securityalert/2260", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/archive/1/460059/100/0/threaded", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/archive/1/460328/100/0/threaded", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/archive/1/460901/100/0/threaded", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/archive/1/460908/100/0/threaded", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/archive/1/460911/100/0/threaded", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/archive/1/460954/100/0/threaded", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/22468", "source": "cve@mitre.org"}, {"url": "http://www.symantec.com/enterprise/research/SYMSA-2007-002.txt", "tags": ["Exploit", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32502", "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "The Find feature in Palm OS Treo smart phones operates despite the system password lock, which allows attackers with physical access to obtain sensitive information (memory contents) by doing (1) text searches or (2) paste operations after pressing certain keyboard shortcut keys."}, {"lang": "es", "value": "La caracter\u00edstica Find en los tel\u00e9fonos inteligentes (smart phones) Palm OS Treo operan a pesar del sistema de bloqueo de contrase\u00f1a, lo cual permite a atacantes con acceso f\u00edsico, obtener informaci\u00f3n confidencial (contenidos de memoria) realizando (1) b\u00fasquedas de texto \u00f3 (2) operaciones de pegado tras presionar atajos de teclado concretos."}], "lastModified": "2018-10-16T16:34:55.797", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:palm:treo:650:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6C7C6071-28DC-4EBF-BCB9-58134E21F085"}, {"criteria": "cpe:2.3:h:palm:treo:680:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "61A04B62-2406-40D2-A966-3534EC822501"}, {"criteria": "cpe:2.3:h:palm:treo:700p:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C560DFBC-A46D-4489-9A8A-A6B35E967C13"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}