{"api_version":"1","generated_at":"2026-05-10T08:15:34+00:00","cve":"CVE-2007-0859","urls":{"html":"https://cve.report/CVE-2007-0859","api":"https://cve.report/api/cve/CVE-2007-0859.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2007-0859","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2007-0859"},"summary":{"title":"CVE-2007-0859","description":"The Find feature in Palm OS Treo smart phones operates despite the system password lock, which allows attackers with physical access to obtain sensitive information (memory contents) by doing (1) text searches or (2) paste operations after pressing certain keyboard shortcut keys.","state":"PUBLISHED","assigner":"mitre","published_at":"2007-02-16 00:28:00","updated_at":"2026-04-23 00:35:47"},"problem_types":["NVD-CWE-Other","n/a"],"metrics":[{"version":"2.0","source":"nvd@nist.gov","type":"Primary","score":"2.1","severity":"","vector":"AV:L/AC:L/Au:N/C:P/I:N/A:N","data":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:P/I:N/A:N","baseScore":2.1,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"}}],"references":[{"url":"http://discussion.treocentral.com/showthread.php?p=1199445&posted=1#post1199445","name":"http://discussion.treocentral.com/showthread.php?p=1199445&posted=1#post1199445","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"","mime":"","httpstatus":"-1","archivestatus":"404"},{"url":"http://securityreason.com/securityalert/2260","name":"http://securityreason.com/securityalert/2260","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"SecurityReason - Palm OS Treo Find Feature System Password Bypass","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.symantec.com/enterprise/research/SYMSA-2007-002.txt","name":"http://www.symantec.com/enterprise/research/SYMSA-2007-002.txt","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Vendor Advisory"],"title":"symantec.com has moved to broadcom.com","mime":"text/html","httpstatus":"404","archivestatus":"404"},{"url":"http://www.securityfocus.com/archive/1/460059/100/0/threaded","name":"http://www.securityfocus.com/archive/1/460059/100/0/threaded","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"SecurityFocus","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securityfocus.com/archive/1/460328/100/0/threaded","name":"http://www.securityfocus.com/archive/1/460328/100/0/threaded","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"SecurityFocus","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securityfocus.com/archive/1/460911/100/0/threaded","name":"http://www.securityfocus.com/archive/1/460911/100/0/threaded","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"SecurityFocus","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securityfocus.com/archive/1/460908/100/0/threaded","name":"http://www.securityfocus.com/archive/1/460908/100/0/threaded","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"SecurityFocus","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securityfocus.com/bid/22468","name":"http://www.securityfocus.com/bid/22468","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Palm OS Treo Find Feature Information Disclosure Vulnerability","mime":"text/html","httpstatus":"200","archivestatus":"0"},{"url":"http://www.securityfocus.com/archive/1/460901/100/0/threaded","name":"http://www.securityfocus.com/archive/1/460901/100/0/threaded","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"SecurityFocus","mime":"text/html","httpstatus":"-1","archivestatus":"200"},{"url":"http://osvdb.org/33724","name":"http://osvdb.org/33724","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"","mime":"","httpstatus":"-1","archivestatus":"0"},{"url":"http://www.securityfocus.com/archive/1/460954/100/0/threaded","name":"http://www.securityfocus.com/archive/1/460954/100/0/threaded","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"SecurityFocus","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/32502","name":"https://exchange.xforce.ibmcloud.com/vulnerabilities/32502","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"IBM X-Force Exchange","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2007-0859","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2007-0859","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"n/a","product":"n/a","version":"affected n/a","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2007","cve_id":"859","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"palm","cpe5":"treo","cpe6":"650","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"859","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"palm","cpe5":"treo","cpe6":"680","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"859","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"palm","cpe5":"treo","cpe6":"700p","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"providerMetadata":{"dateUpdated":"2024-08-07T12:34:21.327Z","orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE"},"references":[{"name":"20070222 Re: SYMSA-2007-002: Palm OS Treo Find Feature System Password Bypass","tags":["mailing-list","x_refsource_BUGTRAQ","x_transferred"],"url":"http://www.securityfocus.com/archive/1/460908/100/0/threaded"},{"tags":["x_refsource_MISC","x_transferred"],"url":"http://www.symantec.com/enterprise/research/SYMSA-2007-002.txt"},{"name":"20070222 SYMSA-2007-002-1: Palm OS Treo Find Feature System Password Bypass","tags":["mailing-list","x_refsource_BUGTRAQ","x_transferred"],"url":"http://www.securityfocus.com/archive/1/460901/100/0/threaded"},{"name":"33724","tags":["vdb-entry","x_refsource_OSVDB","x_transferred"],"url":"http://osvdb.org/33724"},{"name":"20070222 RE: SYMSA-2007-002: Palm OS Treo Find Feature System Password Bypass","tags":["mailing-list","x_refsource_BUGTRAQ","x_transferred"],"url":"http://www.securityfocus.com/archive/1/460954/100/0/threaded"},{"name":"20070222 Re: Re: SYMSA-2007-002: Palm OS Treo Find Feature System Password Bypass","tags":["mailing-list","x_refsource_BUGTRAQ","x_transferred"],"url":"http://www.securityfocus.com/archive/1/460911/100/0/threaded"},{"name":"palmos-findfeature-security-bypass(32502)","tags":["vdb-entry","x_refsource_XF","x_transferred"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/32502"},{"tags":["x_refsource_MISC","x_transferred"],"url":"http://discussion.treocentral.com/showthread.php?p=1199445&posted=1#post1199445"},{"name":"22468","tags":["vdb-entry","x_refsource_BID","x_transferred"],"url":"http://www.securityfocus.com/bid/22468"},{"name":"20070216 Re: SYMSA-2007-002: Palm OS Treo Find Feature System Password Bypass","tags":["mailing-list","x_refsource_BUGTRAQ","x_transferred"],"url":"http://www.securityfocus.com/archive/1/460328/100/0/threaded"},{"name":"2260","tags":["third-party-advisory","x_refsource_SREASON","x_transferred"],"url":"http://securityreason.com/securityalert/2260"},{"name":"20070213 SYMSA-2007-002: Palm OS Treo Find Feature System Password Bypass","tags":["mailing-list","x_refsource_BUGTRAQ","x_transferred"],"url":"http://www.securityfocus.com/archive/1/460059/100/0/threaded"}],"title":"CVE Program Container"}],"cna":{"affected":[{"product":"n/a","vendor":"n/a","versions":[{"status":"affected","version":"n/a"}]}],"datePublic":"2007-02-13T00:00:00.000Z","descriptions":[{"lang":"en","value":"The Find feature in Palm OS Treo smart phones operates despite the system password lock, which allows attackers with physical access to obtain sensitive information (memory contents) by doing (1) text searches or (2) paste operations after pressing certain keyboard shortcut keys."}],"problemTypes":[{"descriptions":[{"description":"n/a","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2018-10-16T14:57:01.000Z","orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre"},"references":[{"name":"20070222 Re: SYMSA-2007-002: Palm OS Treo Find Feature System Password Bypass","tags":["mailing-list","x_refsource_BUGTRAQ"],"url":"http://www.securityfocus.com/archive/1/460908/100/0/threaded"},{"tags":["x_refsource_MISC"],"url":"http://www.symantec.com/enterprise/research/SYMSA-2007-002.txt"},{"name":"20070222 SYMSA-2007-002-1: Palm OS Treo Find Feature System Password Bypass","tags":["mailing-list","x_refsource_BUGTRAQ"],"url":"http://www.securityfocus.com/archive/1/460901/100/0/threaded"},{"name":"33724","tags":["vdb-entry","x_refsource_OSVDB"],"url":"http://osvdb.org/33724"},{"name":"20070222 RE: SYMSA-2007-002: Palm OS Treo Find Feature System Password Bypass","tags":["mailing-list","x_refsource_BUGTRAQ"],"url":"http://www.securityfocus.com/archive/1/460954/100/0/threaded"},{"name":"20070222 Re: Re: SYMSA-2007-002: Palm OS Treo Find Feature System Password Bypass","tags":["mailing-list","x_refsource_BUGTRAQ"],"url":"http://www.securityfocus.com/archive/1/460911/100/0/threaded"},{"name":"palmos-findfeature-security-bypass(32502)","tags":["vdb-entry","x_refsource_XF"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/32502"},{"tags":["x_refsource_MISC"],"url":"http://discussion.treocentral.com/showthread.php?p=1199445&posted=1#post1199445"},{"name":"22468","tags":["vdb-entry","x_refsource_BID"],"url":"http://www.securityfocus.com/bid/22468"},{"name":"20070216 Re: SYMSA-2007-002: Palm OS Treo Find Feature System Password Bypass","tags":["mailing-list","x_refsource_BUGTRAQ"],"url":"http://www.securityfocus.com/archive/1/460328/100/0/threaded"},{"name":"2260","tags":["third-party-advisory","x_refsource_SREASON"],"url":"http://securityreason.com/securityalert/2260"},{"name":"20070213 SYMSA-2007-002: Palm OS Treo Find Feature System Password Bypass","tags":["mailing-list","x_refsource_BUGTRAQ"],"url":"http://www.securityfocus.com/archive/1/460059/100/0/threaded"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-2007-0859","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"The Find feature in Palm OS Treo smart phones operates despite the system password lock, which allows attackers with physical access to obtain sensitive information (memory contents) by doing (1) text searches or (2) paste operations after pressing certain keyboard shortcut keys."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"20070222 Re: SYMSA-2007-002: Palm OS Treo Find Feature System Password Bypass","refsource":"BUGTRAQ","url":"http://www.securityfocus.com/archive/1/460908/100/0/threaded"},{"name":"http://www.symantec.com/enterprise/research/SYMSA-2007-002.txt","refsource":"MISC","url":"http://www.symantec.com/enterprise/research/SYMSA-2007-002.txt"},{"name":"20070222 SYMSA-2007-002-1: Palm OS Treo Find Feature System Password Bypass","refsource":"BUGTRAQ","url":"http://www.securityfocus.com/archive/1/460901/100/0/threaded"},{"name":"33724","refsource":"OSVDB","url":"http://osvdb.org/33724"},{"name":"20070222 RE: SYMSA-2007-002: Palm OS Treo Find Feature System Password Bypass","refsource":"BUGTRAQ","url":"http://www.securityfocus.com/archive/1/460954/100/0/threaded"},{"name":"20070222 Re: Re: SYMSA-2007-002: Palm OS Treo Find Feature System Password Bypass","refsource":"BUGTRAQ","url":"http://www.securityfocus.com/archive/1/460911/100/0/threaded"},{"name":"palmos-findfeature-security-bypass(32502)","refsource":"XF","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/32502"},{"name":"http://discussion.treocentral.com/showthread.php?p=1199445&posted=1#post1199445","refsource":"MISC","url":"http://discussion.treocentral.com/showthread.php?p=1199445&posted=1#post1199445"},{"name":"22468","refsource":"BID","url":"http://www.securityfocus.com/bid/22468"},{"name":"20070216 Re: SYMSA-2007-002: Palm OS Treo Find Feature System Password Bypass","refsource":"BUGTRAQ","url":"http://www.securityfocus.com/archive/1/460328/100/0/threaded"},{"name":"2260","refsource":"SREASON","url":"http://securityreason.com/securityalert/2260"},{"name":"20070213 SYMSA-2007-002: Palm OS Treo Find Feature System Password Bypass","refsource":"BUGTRAQ","url":"http://www.securityfocus.com/archive/1/460059/100/0/threaded"}]}}}},"cveMetadata":{"assignerOrgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","assignerShortName":"mitre","cveId":"CVE-2007-0859","datePublished":"2007-02-16T00:00:00.000Z","dateReserved":"2007-02-08T00:00:00.000Z","dateUpdated":"2024-08-07T12:34:21.327Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"},"nvd":{"publishedDate":"2007-02-16 00:28:00","lastModifiedDate":"2026-04-23 00:35:47","problem_types":["NVD-CWE-Other","n/a"],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:P/I:N/A:N","baseScore":2.1,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"LOW","exploitabilityScore":3.9,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:h:palm:treo:650:*:*:*:*:*:*:*","matchCriteriaId":"6C7C6071-28DC-4EBF-BCB9-58134E21F085"},{"vulnerable":true,"criteria":"cpe:2.3:h:palm:treo:680:*:*:*:*:*:*:*","matchCriteriaId":"61A04B62-2406-40D2-A966-3534EC822501"},{"vulnerable":true,"criteria":"cpe:2.3:h:palm:treo:700p:*:*:*:*:*:*:*","matchCriteriaId":"C560DFBC-A46D-4489-9A8A-A6B35E967C13"}]}]}]},"legacy_mitre":{"record":{"CveYear":"2007","CveId":"859","Ordinal":"1","Title":"CVE-2007-0859","CVE":"CVE-2007-0859","Year":"2007"},"notes":[{"CveYear":"2007","CveId":"859","Ordinal":"1","NoteData":"The Find feature in Palm OS Treo smart phones operates despite the system password lock, which allows attackers with physical access to obtain sensitive information (memory contents) by doing (1) text searches or (2) paste operations after pressing certain keyboard shortcut keys.","Type":"Description","Title":"CVE-2007-0859"},{"CveYear":"2007","CveId":"859","Ordinal":"2","NoteData":"2007-02-15","Type":"Other","Title":"Published"},{"CveYear":"2007","CveId":"859","Ordinal":"3","NoteData":"2018-10-16","Type":"Other","Title":"Modified"}]}}}