CVE-2007-2590

Nokia Intellisync Mobile Suite 6.4.31.2, 6.6.0.107, and 6.6.2.2, possibly involving Novell Groupwise Mobile Server and Nokia Intellisync Wireless Email Express, allows remote attackers to obtain user names and other sensitive information via a direct request to (1) usrmgr/userList.asp or (2) usrmgr/userStatusList.asp.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:nokia:groupwise_mobile_server:*:*:*:*:*:*:*:*
cpe:2.3:a:nokia:intellisync_mobile_suite:6.4.31.2:*:*:*:*:*:*:*
cpe:2.3:a:nokia:intellisync_mobile_suite:6.6.0.107:*:*:*:*:*:*:*
cpe:2.3:a:nokia:intellisync_mobile_suite:6.6.2.2:*:*:*:*:*:*:*
cpe:2.3:a:nokia:intellisync_wireless_email_express:*:*:*:*:*:*:*:*

History

21 Nov 2024, 00:31

Type Values Removed Values Added
References () http://osvdb.org/34514 - () http://osvdb.org/34514 -
References () http://secunia.com/advisories/25212 - Patch, Vendor Advisory () http://secunia.com/advisories/25212 - Patch, Vendor Advisory
References () http://securityreason.com/securityalert/2689 - () http://securityreason.com/securityalert/2689 -
References () http://www.sec-consult.com/289.html - Exploit, Vendor Advisory () http://www.sec-consult.com/289.html - Exploit, Vendor Advisory
References () http://www.securityfocus.com/archive/1/468048/100/0/threaded - () http://www.securityfocus.com/archive/1/468048/100/0/threaded -
References () http://www.vupen.com/english/advisories/2007/1727 - () http://www.vupen.com/english/advisories/2007/1727 -

Information

Published : 2007-05-11 04:20

Updated : 2024-11-21 00:31


NVD link : CVE-2007-2590

Mitre link : CVE-2007-2590

CVE.ORG link : CVE-2007-2590


JSON object : View

Products Affected

nokia

  • intellisync_mobile_suite
  • groupwise_mobile_server
  • intellisync_wireless_email_express
CWE
CWE-200

Exposure of Sensitive Information to an Unauthorized Actor