SMS Handler Vulnerability in Windows Mobile 2005 Pocket PC Phone Edition
CVE-2007-5493

Currently unrated

Key Information:

Vendor: Microsoft
Status: Windows Mobile
Vendor: CVE Published:; 18 October 2007

Summary

The SMS handler in Windows Mobile 2005 Pocket PC Phone Edition has a vulnerability that allows attackers to exploit malformed WAP PUSH messages. By doing so, they can manipulate the protocol data unit (PDU), leading to the obfuscation of the sender field in SMS messages. This can potentially mislead users and compromise the integrity of communication on affected devices.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/37249

vdb-entryx_refsource_XF

http://osvdb.org/45517

vdb-entryx_refsource_OSVDB

http://www.securityfocus.com/bid/26091

vdb-entryx_refsource_BID

EPSS Score

25% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Oct 18, 2007
Vulnerability Reserved
Oct 17, 2007