Total
3 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2008-5826 | 1 Nokia | 1 6131 Nfc | 2024-02-28 | 7.8 HIGH | N/A |
The Nokia 6131 Near Field Communication (NFC) phone with 05.12 firmware allows remote attackers to cause a denial of service (device crash) via (1) a large value in the payload length field in an NDEF record, or a certain length for a (2) tel: or (3) sms: NDEF URI. | |||||
CVE-2008-5825 | 1 Nokia | 1 6131 Nfc | 2024-02-28 | 2.6 LOW | N/A |
The SmartPoster implementation on the Nokia 6131 Near Field Communication (NFC) phone with 05.12 firmware does not properly display the URI record when the Title record contains a certain combination of space, CR (aka \r), and . (dot) characters, which allows remote attackers to trick a user into loading an arbitrary URI via a crafted NDEF tag, as demonstrated by (1) an http: URI for a malicious web site, (2) a tel: URI for a premium-rate telephone number, and (3) an sms: URI that triggers purchase of a ringtone. | |||||
CVE-2008-5827 | 1 Nokia | 1 6131 Nfc | 2024-02-28 | 7.5 HIGH | N/A |
The Nokia 6131 Near Field Communication (NFC) phone with 05.12 firmware automatically installs software upon completing the download of a JAR file, which makes it easier for remote attackers to execute arbitrary code via a crafted URI record in an NDEF tag. |