VAR-200705-0288
Vulnerability from variot - Updated: 2025-04-10 19:40usrmgr/userList.asp in Nokia Intellisync Mobile Suite 6.4.31.2, 6.6.0.107, and 6.6.2.2, possibly involving Novell Groupwise Mobile Server and Nokia Intellisync Wireless Email Express, allows remote attackers to modify user account details and cause a denial of service (account deactivation) via the userid parameter in an update action. Intellisync Mobile Suite is prone to a denial-of-service vulnerability.
Try a new way to discover vulnerabilities that ALREADY EXIST in your IT infrastructure.
Join the FREE BETA test of the Network Software Inspector (NSI)! http://secunia.com/network_software_inspector/
The NSI enables you to INSPECT, DISCOVER, and DOCUMENT vulnerabilities in more than 4,000 different Windows applications.
TITLE: Nokia Intellisync Mobile Suite Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA25212
VERIFY ADVISORY: http://secunia.com/advisories/25212/
CRITICAL: Moderately critical
IMPACT: Cross Site Scripting, Exposure of system information, Exposure of sensitive information, DoS
WHERE:
From remote
SOFTWARE: Intellisync Mobile Suite http://secunia.com/product/3450/
DESCRIPTION: Johannes Greil has reported some vulnerabilities in Nokia's Intellisync Mobile Suite, which can be exploited by malicious people to gain knowledge of sensitive information, conduct cross-site scripting attacks, manipulate certain data, or cause a DoS (Denial of Service).
1) Missing authentication checks within certain ASP scripts (e.g. userList.asp, userStatusList.asp) can be exploited to modify or gain knowledge of certain user details, or to disable user accounts.
2) Certain input passed to de/pda/dev_logon.asp, usrmgr/registerAccount.asp, and de/create_account.asp is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.
3) An error within the bundled Apache Tomcat server can be exploited to disclose directory listings and script source codes.
The vulnerabilities are reported in versions 6.4.31.2, 6.6.0.107, and 6.6.2.2 and is reported to partially affect Nokia Intellisync Wireless Email Express. Other versions may also be affected.
SOLUTION: Upgrade to GMS 2.
PROVIDED AND/OR DISCOVERED BY: Johannes Greil, SEC Consult
ORIGINAL ADVISORY: http://www.sec-consult.com/289.html
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200705-0288",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "intellisync mobile suite",
"scope": "eq",
"trust": 2.7,
"vendor": "nokia",
"version": "6.6.0.107"
},
{
"model": "intellisync mobile suite",
"scope": "eq",
"trust": 2.7,
"vendor": "nokia",
"version": "6.4.31.2"
},
{
"model": "intellisync mobile suite",
"scope": "eq",
"trust": 1.9,
"vendor": "nokia",
"version": "6.6.2.2"
},
{
"model": "groupwise mobile server",
"scope": null,
"trust": 1.4,
"vendor": "nokia",
"version": null
},
{
"model": "intellisync wireless email express",
"scope": null,
"trust": 1.4,
"vendor": "nokia",
"version": null
},
{
"model": "groupwise mobile server",
"scope": "eq",
"trust": 1.0,
"vendor": "nokia",
"version": "*"
},
{
"model": "intellisync wireless email express",
"scope": "eq",
"trust": 1.0,
"vendor": "nokia",
"version": "*"
},
{
"model": "intellisync mobile suite",
"scope": "eq",
"trust": 0.8,
"vendor": "nokia",
"version": "and 6.6.2.2"
}
],
"sources": [
{
"db": "BID",
"id": "86209"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-003825"
},
{
"db": "CNNVD",
"id": "CNNVD-200705-204"
},
{
"db": "NVD",
"id": "CVE-2007-2591"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:nokia:groupwise_mobile_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:nokia:intellisync_mobile_suite",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:nokia:intellisync_wireless_email_express",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-003825"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unknown",
"sources": [
{
"db": "BID",
"id": "86209"
}
],
"trust": 0.3
},
"cve": "CVE-2007-2591",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2007-2591",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-25953",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2007-2591",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2007-2591",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-200705-204",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-25953",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-25953"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-003825"
},
{
"db": "CNNVD",
"id": "CNNVD-200705-204"
},
{
"db": "NVD",
"id": "CVE-2007-2591"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "usrmgr/userList.asp in Nokia Intellisync Mobile Suite 6.4.31.2, 6.6.0.107, and 6.6.2.2, possibly involving Novell Groupwise Mobile Server and Nokia Intellisync Wireless Email Express, allows remote attackers to modify user account details and cause a denial of service (account deactivation) via the userid parameter in an update action. Intellisync Mobile Suite is prone to a denial-of-service vulnerability. \n\n----------------------------------------------------------------------\n\nTry a new way to discover vulnerabilities that ALREADY EXIST in your\nIT infrastructure. \n\nJoin the FREE BETA test of the Network Software Inspector (NSI)!\nhttp://secunia.com/network_software_inspector/\n\nThe NSI enables you to INSPECT, DISCOVER, and DOCUMENT\nvulnerabilities in more than 4,000 different Windows applications. \n\n----------------------------------------------------------------------\n\nTITLE:\nNokia Intellisync Mobile Suite Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA25212\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/25212/\n\nCRITICAL:\nModerately critical\n\nIMPACT:\nCross Site Scripting, Exposure of system information, Exposure of\nsensitive information, DoS\n\nWHERE:\n\u003eFrom remote\n\nSOFTWARE:\nIntellisync Mobile Suite\nhttp://secunia.com/product/3450/\n\nDESCRIPTION:\nJohannes Greil has reported some vulnerabilities in Nokia\u0027s\nIntellisync Mobile Suite, which can be exploited by malicious people\nto gain knowledge of sensitive information, conduct cross-site\nscripting attacks, manipulate certain data, or cause a DoS (Denial of\nService). \n\n1) Missing authentication checks within certain ASP scripts (e.g. \nuserList.asp, userStatusList.asp) can be exploited to modify or gain\nknowledge of certain user details, or to disable user accounts. \n\n2) Certain input passed to de/pda/dev_logon.asp,\nusrmgr/registerAccount.asp, and de/create_account.asp is not properly\nsanitised before being returned to the user. This can be exploited to\nexecute arbitrary HTML and script code in a user\u0027s browser session in\ncontext of an affected site. \n\n3) An error within the bundled Apache Tomcat server can be exploited\nto disclose directory listings and script source codes. \n\nThe vulnerabilities are reported in versions 6.4.31.2, 6.6.0.107, and\n6.6.2.2 and is reported to partially affect Nokia Intellisync Wireless\nEmail Express. Other versions may also be affected. \n\nSOLUTION:\nUpgrade to GMS 2. \n\nPROVIDED AND/OR DISCOVERED BY:\nJohannes Greil, SEC Consult\n\nORIGINAL ADVISORY:\nhttp://www.sec-consult.com/289.html\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2007-2591"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-003825"
},
{
"db": "BID",
"id": "86209"
},
{
"db": "VULHUB",
"id": "VHN-25953"
},
{
"db": "PACKETSTORM",
"id": "56572"
}
],
"trust": 2.07
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2007-2591",
"trust": 2.8
},
{
"db": "SREASON",
"id": "2689",
"trust": 2.0
},
{
"db": "SECUNIA",
"id": "25212",
"trust": 1.8
},
{
"db": "VUPEN",
"id": "ADV-2007-1727",
"trust": 1.7
},
{
"db": "OSVDB",
"id": "34513",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2007-003825",
"trust": 0.8
},
{
"db": "BUGTRAQ",
"id": "20070509 SEC CONSULT SA-20070509-0 :: MULTIPLE VULNERABILITES IN NOKIA INTELLISYNC MOBILE SUITE \u0026 WIRELESS EMAIL EXPRESS",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-200705-204",
"trust": 0.6
},
{
"db": "BID",
"id": "86209",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-25953",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "56572",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-25953"
},
{
"db": "BID",
"id": "86209"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-003825"
},
{
"db": "PACKETSTORM",
"id": "56572"
},
{
"db": "CNNVD",
"id": "CNNVD-200705-204"
},
{
"db": "NVD",
"id": "CVE-2007-2591"
}
]
},
"id": "VAR-200705-0288",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-25953"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-10T19:40:37.325000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top page",
"trust": 0.8,
"url": "http://www.nokia.com/global/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-003825"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2007-2591"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.1,
"url": "http://www.sec-consult.com/289.html"
},
{
"trust": 2.0,
"url": "http://securityreason.com/securityalert/2689"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/25212"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/archive/1/468048/100/0/threaded"
},
{
"trust": 1.1,
"url": "http://osvdb.org/34513"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2007/1727"
},
{
"trust": 0.9,
"url": "http://www.securityfocus.com/archive/1/archive/1/468048/100/0/threaded"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-2591"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2007-2591"
},
{
"trust": 0.6,
"url": "http://www.frsirt.com/english/advisories/2007/1727"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/network_software_inspector/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/25212/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/3450/"
},
{
"trust": 0.1,
"url": "http://secunia.com/about_secunia_advisories/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-25953"
},
{
"db": "BID",
"id": "86209"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-003825"
},
{
"db": "PACKETSTORM",
"id": "56572"
},
{
"db": "CNNVD",
"id": "CNNVD-200705-204"
},
{
"db": "NVD",
"id": "CVE-2007-2591"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-25953"
},
{
"db": "BID",
"id": "86209"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-003825"
},
{
"db": "PACKETSTORM",
"id": "56572"
},
{
"db": "CNNVD",
"id": "CNNVD-200705-204"
},
{
"db": "NVD",
"id": "CVE-2007-2591"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2007-05-11T00:00:00",
"db": "VULHUB",
"id": "VHN-25953"
},
{
"date": "2007-05-11T00:00:00",
"db": "BID",
"id": "86209"
},
{
"date": "2012-09-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2007-003825"
},
{
"date": "2007-05-10T00:32:46",
"db": "PACKETSTORM",
"id": "56572"
},
{
"date": "2007-05-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200705-204"
},
{
"date": "2007-05-11T04:20:00",
"db": "NVD",
"id": "CVE-2007-2591"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-10-16T00:00:00",
"db": "VULHUB",
"id": "VHN-25953"
},
{
"date": "2007-05-11T00:00:00",
"db": "BID",
"id": "86209"
},
{
"date": "2012-09-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2007-003825"
},
{
"date": "2007-05-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200705-204"
},
{
"date": "2025-04-09T00:30:58.490000",
"db": "NVD",
"id": "CVE-2007-2591"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200705-204"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Nokia Intellisync Mobile Suite Such as usrmgr/userList.asp Vulnerability in changing user account",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-003825"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "unknown",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200705-204"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…