Recent Vulnerabilities Research Posts Trends Blog About Contact

Published: 11/05/2007 Updated: 16/10/2018

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

VMScore: 383

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Multiple cross-site scripting (XSS) vulnerabilities in Nokia Intellisync Mobile Suite 6.4.31.2, 6.6.0.107, and 6.6.2.2, possibly involving Novell Groupwise Mobile Server and Nokia Intellisync Wireless Email Express, allow remote malicious users to inject arbitrary web script or HTML via the (1) username parameter to de/pda/dev_logon.asp and (2) multiple unspecified vectors in (a) usrmgr/registerAccount.asp, (b) de/create_account.asp, and other files.

Vulnerable Product	Search on Vulmon	Subscribe to Product
nokia intellisync wireless email express
nokia groupwise mobile server
nokia intellisync mobile suite 6.4.31.2
nokia intellisync mobile suite 6.6.0.107
nokia intellisync mobile suite 6.6.2.2

NVD-CWE-Other http://www.sec-consult.com/289.html http://secunia.com/advisories/25212 http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5005120.html http://www.securityfocus.com/bid/23889 http://www.securitytracker.com/id?1018454 http://secunia.com/advisories/26199 http://securityreason.com/securityalert/2689 http://www.vupen.com/english/advisories/2007/2657 http://www.vupen.com/english/advisories/2007/1727 http://osvdb.org/34515 http://osvdb.org/34516 http://osvdb.org/34517 https://exchange.xforce.ibmcloud.com/vulnerabilities/34187 http://www.securityfocus.com/archive/1/468048/100/0/threaded https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2007-2592

Vulnerability Summary

References

Vulmon Search

About

Products

Connect