mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-05-29 01:31:20 +00:00
107 lines
3.7 KiB
JSON
107 lines
3.7 KiB
JSON
{
|
|
"id": "CVE-2008-3552",
|
|
"sourceIdentifier": "cve@mitre.org",
|
|
"published": "2008-08-08T19:41:00.000",
|
|
"lastModified": "2018-10-11T20:48:37.570",
|
|
"vulnStatus": "Modified",
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "Multiple unspecified vulnerabilities in Nokia Series 40 3rd edition FP1, and possibly later devices, allow remote attackers to execute arbitrary code via unknown vectors, probably related to MIDP privilege escalation and persistent MIDlets, aka \"ISSUES 11-15.\" NOTE: as of 20080807, the only disclosure is a vague pre-advisory with no actionable information. However, because it is from a company led by a well-known researcher, it is being assigned a CVE identifier for tracking purposes."
|
|
},
|
|
{
|
|
"lang": "es",
|
|
"value": "M\u00faltiples vulnerabilidades no especificadas en dispositivos Series 40 3rd edition FP1 de Nokia, y posiblemente dispositivos posteriores, permiten a los atacantes remotos ejecutar c\u00f3digo arbitrario por medio de vectores desconocidos, probablemente relacionados con la escalada de privilegios MIDP y MIDlets persistentes, tambi\u00e9n se conoce como \"ISSUES 11-15\". NOTA: a partir de 20080807, la \u00fanica divulgaci\u00f3n es un pre-aviso vago sin informaci\u00f3n procesable. Sin embargo, debido a que es de una empresa dirigida por un investigador bien conocido, se le est\u00e1 asignando un identificador CVE para fines de seguimiento."
|
|
}
|
|
],
|
|
"metrics": {
|
|
"cvssMetricV2": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "2.0",
|
|
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
|
|
"accessVector": "NETWORK",
|
|
"accessComplexity": "LOW",
|
|
"authentication": "NONE",
|
|
"confidentialityImpact": "COMPLETE",
|
|
"integrityImpact": "COMPLETE",
|
|
"availabilityImpact": "COMPLETE",
|
|
"baseScore": 10.0
|
|
},
|
|
"baseSeverity": "HIGH",
|
|
"exploitabilityScore": 10.0,
|
|
"impactScore": 10.0,
|
|
"acInsufInfo": true,
|
|
"obtainAllPrivilege": true,
|
|
"obtainUserPrivilege": false,
|
|
"obtainOtherPrivilege": false,
|
|
"userInteractionRequired": false
|
|
}
|
|
]
|
|
},
|
|
"weaknesses": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"description": [
|
|
{
|
|
"lang": "en",
|
|
"value": "NVD-CWE-noinfo"
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"configurations": [
|
|
{
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:nokia:series_40:*:3rd_edition:feature_pack_2:*:*:*:*:*",
|
|
"matchCriteriaId": "91A3D152-36A5-49C2-BC49-6651405D7E1F"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"references": [
|
|
{
|
|
"url": "http://www.security-explorations.com/n2press.htm",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://www.security-explorations.com/n2srp.htm",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://www.security-explorations.com/n2vendors.htm",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://www.security-explorations.com/report_toc.pdf",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://www.securityfocus.com/archive/1/495224/100/0/threaded",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://www.securityfocus.com/bid/30591",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://www.securityfocus.com/bid/30592",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44438",
|
|
"source": "cve@mitre.org"
|
|
}
|
|
]
|
|
} |