CVE-2007-2591

Currently unrated

Key Information:

Vendor: Nokia
Status: Groupwise Mobile Server; Intellisync Mobile Suite; Intellisync Wireless Email Express
Vendor: CVE Published:; 11 May 2007

Summary

usrmgr/userList.asp in Nokia Intellisync Mobile Suite 6.4.31.2, 6.6.0.107, and 6.6.2.2, possibly involving Novell Groupwise Mobile Server and Nokia Intellisync Wireless Email Express, allows remote attackers to modify user account details and cause a denial of service (account deactivation) via the userid parameter in an update action.

References

http://www.sec-consult.com/289.html

x_refsource_MISC

http://www.vupen.com/english/advisories/2007/1727

vdb-entryx_refsource_VUPEN

http://www.securityfocus.com/archive/1/468048/100/0/threaded

mailing-listx_refsource_BUGTRAQ

EPSS Score

2% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
May 11, 2007
Vulnerability Reserved
May 10, 2007

Collectors

NVD DatabaseMitre Database