mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-05-28 17:21:36 +00:00
128 lines
4.1 KiB
JSON
128 lines
4.1 KiB
JSON
{
|
|
"id": "CVE-2007-2591",
|
|
"sourceIdentifier": "cve@mitre.org",
|
|
"published": "2007-05-11T04:20:00.000",
|
|
"lastModified": "2018-10-16T16:44:40.727",
|
|
"vulnStatus": "Modified",
|
|
"cveTags": [],
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "usrmgr/userList.asp in Nokia Intellisync Mobile Suite 6.4.31.2, 6.6.0.107, and 6.6.2.2, possibly involving Novell Groupwise Mobile Server and Nokia Intellisync Wireless Email Express, allows remote attackers to modify user account details and cause a denial of service (account deactivation) via the userid parameter in an update action."
|
|
},
|
|
{
|
|
"lang": "es",
|
|
"value": "El usrmgr/userList.asp en el Nokia Intellisync Mobile Suite 6.4.31.2, 6.6.0.107 y 6.6.2.2, posiblemente involucrando al Novell Groupwise Mobile Server y al Nokia Intellisync Wireless Email Express, permite a atacantes remotos modificar detalles de la cuenta del usuario y causar una denegaci\u00f3n de servicio (desactivaci\u00f3n de la cuenta) a trav\u00e9s del par\u00e1metro userid en una acci\u00f3n de la actualizaci\u00f3n."
|
|
}
|
|
],
|
|
"metrics": {
|
|
"cvssMetricV2": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "2.0",
|
|
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
|
|
"accessVector": "NETWORK",
|
|
"accessComplexity": "LOW",
|
|
"authentication": "NONE",
|
|
"confidentialityImpact": "PARTIAL",
|
|
"integrityImpact": "PARTIAL",
|
|
"availabilityImpact": "PARTIAL",
|
|
"baseScore": 7.5
|
|
},
|
|
"baseSeverity": "HIGH",
|
|
"exploitabilityScore": 10.0,
|
|
"impactScore": 6.4,
|
|
"acInsufInfo": false,
|
|
"obtainAllPrivilege": false,
|
|
"obtainUserPrivilege": false,
|
|
"obtainOtherPrivilege": true,
|
|
"userInteractionRequired": false
|
|
}
|
|
]
|
|
},
|
|
"weaknesses": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"description": [
|
|
{
|
|
"lang": "en",
|
|
"value": "NVD-CWE-Other"
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"configurations": [
|
|
{
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:nokia:groupwise_mobile_server:*:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "49230DA2-0B09-42BF-811B-1CCF56181FBC"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:nokia:intellisync_mobile_suite:6.4.31.2:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "A3E0EF3B-D4F6-4300-949B-F80285C43CAB"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:nokia:intellisync_mobile_suite:6.6.0.107:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "DB300678-04E7-4F6B-AE43-8931C2FF5F40"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:nokia:intellisync_mobile_suite:6.6.2.2:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "F1795FDF-D272-476F-85FA-D57A474CA3F5"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:nokia:intellisync_wireless_email_express:*:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "75F41ABD-B71D-48B3-B911-8F0ED1BA8A83"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"references": [
|
|
{
|
|
"url": "http://osvdb.org/34513",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://secunia.com/advisories/25212",
|
|
"source": "cve@mitre.org",
|
|
"tags": [
|
|
"Patch",
|
|
"Vendor Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://securityreason.com/securityalert/2689",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://www.sec-consult.com/289.html",
|
|
"source": "cve@mitre.org",
|
|
"tags": [
|
|
"Exploit",
|
|
"Vendor Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://www.securityfocus.com/archive/1/468048/100/0/threaded",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://www.vupen.com/english/advisories/2007/1727",
|
|
"source": "cve@mitre.org"
|
|
}
|
|
]
|
|
} |