BID:30716

Nokia 6131 Multiple Vulnerabilities

Info

Nokia 6131 Multiple Vulnerabilities

Bugtraq ID:	30716
Class:	Unknown
CVE:	CVE-2008-5825 CVE-2008-5826
Remote:	Yes
Local:	No
Published:	Aug 16 2008 12:00AM
Updated:	Jun 18 2009 07:59PM
Credit:	Collin Mulliner <collin.mulliner[AT]sit.fraunhofer.de>
Vulnerable:	Nokia Nokia 6212 Classic 0 Nokia 6131 0

Not Vulnerable:

Discussion

Nokia 6131 Multiple Vulnerabilities

Nokia 6131 is prone to multiple vulnerabilities.

The device is affected by URI-spoofing and denial-of-service issues.

Remote attackers may spoof the source URI of a site to direct users to a malicious location and trigger crashes in an affected device.

UPDATE (June 18, 2009): The Nokia 6212 Classic phone is vulnerable to one of the denial-of-service vulnerabilities.

Exploit / POC

Nokia 6131 Multiple Vulnerabilities

An attacker can exploit this issue using standard utilities.

Solution / Fix

Nokia 6131 Multiple Vulnerabilities

Solution:
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].

References

Nokia 6131 Multiple Vulnerabilities

References:

Nokia 6131 (Nokia)
Nokia 6131 NFC URI Spoofing and DoS Advisory (Collin Mulliner)
Nokia Homepage (Nokia)
Nokia 6131 NFC URI/URL Spoofing and DoS Advisory (Collin R. Mulliner)
Nokia 6212 classic URI spoofing and DoS advisory (original date: Dec. 2008) (Collin Mulliner )