CVE-2010-4109

Currently unrated

Key Information:

Vendor: HP
Status: Palm Webos
Vendor: CVE Published:; 8 December 2010

Summary

Cross-site scripting (XSS) vulnerability in the Contacts Application in HP Palm webOS before 2.0 allows remote attackers to inject arbitrary web script or HTML via a crafted vCard file.

References

http://h20000.www2.hp.com/bizsupport/TechSupport/Document...

vendor-advisoryx_refsource_HP

http://www.vupen.com/english/advisories/2010/3131

vdb-entryx_refsource_VUPEN

http://h20000.www2.hp.com/bizsupport/TechSupport/Document...

vendor-advisoryx_refsource_HP

Timeline

Vulnerability published
Dec 8, 2010
Vulnerability Reserved
Oct 27, 2010