CVE-2007-2590

Currently unrated

Key Information:

Vendor: Nokia
Status: Groupwise Mobile Server; Intellisync Mobile Suite; Intellisync Wireless Email Express
Vendor: CVE Published:; 11 May 2007

Summary

Nokia Intellisync Mobile Suite 6.4.31.2, 6.6.0.107, and 6.6.2.2, possibly involving Novell Groupwise Mobile Server and Nokia Intellisync Wireless Email Express, allows remote attackers to obtain user names and other sensitive information via a direct request to (1) usrmgr/userList.asp or (2) usrmgr/userStatusList.asp.

References

http://osvdb.org/34514

vdb-entryx_refsource_OSVDB

http://www.sec-consult.com/289.html

x_refsource_MISC

http://www.vupen.com/english/advisories/2007/1727

vdb-entryx_refsource_VUPEN

EPSS Score

1% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
May 11, 2007
Vulnerability Reserved
May 10, 2007

Collectors

NVD DatabaseMitre Database