PT-2009-4940 · Nokia · Nokia N95+2

Thierry Zoller

Published

2009-07-20

Updated

2018-10-10

CVE-2009-2538

CVSS v2.0

7.1

High

Vector

AV:N/AC:M/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions Nokia N95 version 9.2 Nokia N82 (affected versions not specified) Nokia N810 Internet Tablet (affected versions not specified)

Description The issue allows remote attackers to cause a denial of service, specifically memory consumption, by utilizing a large integer value for the length property of a Select object.

Recommendations For Nokia N95 version 9.2: Avoid using large integer values for the length property of a Select object to prevent memory consumption. For Nokia N82: At the moment, there is no information about a newer version that contains a fix for this issue. For Nokia N810 Internet Tablet: At the moment, there is no information about a newer version that contains a fix for this issue.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-399

Related Identifiers

CVE-2009-2538

Affected Products

Nokia N810 Internet Tablet

Nokia N82

Nokia N95

PT-2009-4940 · Nokia · Nokia N95+2

CVE-2009-2538

Weakness Enumeration

Related Identifiers

Affected Products

References · 8