{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2007-02-13T00:00:00.000Z", "descriptions": [{"lang": "en", "value": "The Find feature in Palm OS Treo smart phones operates despite the system password lock, which allows attackers with physical access to obtain sensitive information (memory contents) by doing (1) text searches or (2) paste operations after pressing certain keyboard shortcut keys."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-16T14:57:01.000Z", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "20070222 Re: SYMSA-2007-002: Palm OS Treo Find Feature System Password Bypass", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/460908/100/0/threaded"}, {"tags": ["x_refsource_MISC"], "url": "http://www.symantec.com/enterprise/research/SYMSA-2007-002.txt"}, {"name": "20070222 SYMSA-2007-002-1: Palm OS Treo Find Feature System Password Bypass", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/460901/100/0/threaded"}, {"name": "33724", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/33724"}, {"name": "20070222 RE: SYMSA-2007-002: Palm OS Treo Find Feature System Password Bypass", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/460954/100/0/threaded"}, {"name": "20070222 Re: Re: SYMSA-2007-002: Palm OS Treo Find Feature System Password Bypass", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/460911/100/0/threaded"}, {"name": "palmos-findfeature-security-bypass(32502)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32502"}, {"tags": ["x_refsource_MISC"], "url": "http://discussion.treocentral.com/showthread.php?p=1199445&posted=1#post1199445"}, {"name": "22468", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/22468"}, {"name": "20070216 Re: SYMSA-2007-002: Palm OS Treo Find Feature System Password Bypass", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/460328/100/0/threaded"}, {"name": "2260", "tags": ["third-party-advisory", "x_refsource_SREASON"], "url": "http://securityreason.com/securityalert/2260"}, {"name": "20070213 SYMSA-2007-002: Palm OS Treo Find Feature System Password Bypass", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/460059/100/0/threaded"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2007-0859", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The Find feature in Palm OS Treo smart phones operates despite the system password lock, which allows attackers with physical access to obtain sensitive information (memory contents) by doing (1) text searches or (2) paste operations after pressing certain keyboard shortcut keys."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "20070222 Re: SYMSA-2007-002: Palm OS Treo Find Feature System Password Bypass", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/460908/100/0/threaded"}, {"name": "http://www.symantec.com/enterprise/research/SYMSA-2007-002.txt", "refsource": "MISC", "url": "http://www.symantec.com/enterprise/research/SYMSA-2007-002.txt"}, {"name": "20070222 SYMSA-2007-002-1: Palm OS Treo Find Feature System Password Bypass", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/460901/100/0/threaded"}, {"name": "33724", "refsource": "OSVDB", "url": "http://osvdb.org/33724"}, {"name": "20070222 RE: SYMSA-2007-002: Palm OS Treo Find Feature System Password Bypass", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/460954/100/0/threaded"}, {"name": "20070222 Re: Re: SYMSA-2007-002: Palm OS Treo Find Feature System Password Bypass", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/460911/100/0/threaded"}, {"name": "palmos-findfeature-security-bypass(32502)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32502"}, {"name": "http://discussion.treocentral.com/showthread.php?p=1199445&posted=1#post1199445", "refsource": "MISC", "url": "http://discussion.treocentral.com/showthread.php?p=1199445&posted=1#post1199445"}, {"name": "22468", "refsource": "BID", "url": "http://www.securityfocus.com/bid/22468"}, {"name": "20070216 Re: SYMSA-2007-002: Palm OS Treo Find Feature System Password Bypass", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/460328/100/0/threaded"}, {"name": "2260", "refsource": "SREASON", "url": "http://securityreason.com/securityalert/2260"}, {"name": "20070213 SYMSA-2007-002: Palm OS Treo Find Feature System Password Bypass", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/460059/100/0/threaded"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T12:34:21.327Z"}, "title": "CVE Program Container", "references": [{"name": "20070222 Re: SYMSA-2007-002: Palm OS Treo Find Feature System Password Bypass", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/460908/100/0/threaded"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.symantec.com/enterprise/research/SYMSA-2007-002.txt"}, {"name": "20070222 SYMSA-2007-002-1: Palm OS Treo Find Feature System Password Bypass", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/460901/100/0/threaded"}, {"name": "33724", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://osvdb.org/33724"}, {"name": "20070222 RE: SYMSA-2007-002: Palm OS Treo Find Feature System Password Bypass", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/460954/100/0/threaded"}, {"name": "20070222 Re: Re: SYMSA-2007-002: Palm OS Treo Find Feature System Password Bypass", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/460911/100/0/threaded"}, {"name": "palmos-findfeature-security-bypass(32502)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32502"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://discussion.treocentral.com/showthread.php?p=1199445&posted=1#post1199445"}, {"name": "22468", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/22468"}, {"name": "20070216 Re: SYMSA-2007-002: Palm OS Treo Find Feature System Password Bypass", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/460328/100/0/threaded"}, {"name": "2260", "tags": ["third-party-advisory", "x_refsource_SREASON", "x_transferred"], "url": "http://securityreason.com/securityalert/2260"}, {"name": "20070213 SYMSA-2007-002: Palm OS Treo Find Feature System Password Bypass", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/460059/100/0/threaded"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2007-0859", "datePublished": "2007-02-16T00:00:00.000Z", "dateReserved": "2007-02-08T00:00:00.000Z", "dateUpdated": "2024-08-07T12:34:21.327Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:palm:treo:650:*:*:*:*:*:*:*", "matchCriteriaId": "6C7C6071-28DC-4EBF-BCB9-58134E21F085", "vulnerable": true}, {"criteria": "cpe:2.3:h:palm:treo:680:*:*:*:*:*:*:*", "matchCriteriaId": "61A04B62-2406-40D2-A966-3534EC822501", "vulnerable": true}, {"criteria": "cpe:2.3:h:palm:treo:700p:*:*:*:*:*:*:*", "matchCriteriaId": "C560DFBC-A46D-4489-9A8A-A6B35E967C13", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The Find feature in Palm OS Treo smart phones operates despite the system password lock, which allows attackers with physical access to obtain sensitive information (memory contents) by doing (1) text searches or (2) paste operations after pressing certain keyboard shortcut keys."}, {"lang": "es", "value": "La caracter\u00edstica Find en los tel\u00e9fonos inteligentes (smart phones) Palm OS Treo operan a pesar del sistema de bloqueo de contrase\u00f1a, lo cual permite a atacantes con acceso f\u00edsico, obtener informaci\u00f3n confidencial (contenidos de memoria) realizando (1) b\u00fasquedas de texto \u00f3 (2) operaciones de pegado tras presionar atajos de teclado concretos."}], "id": "CVE-2007-0859", "lastModified": "2025-04-09T00:30:58.490", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 2.1, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2007-02-16T00:28:00.000", "references": [{"source": "cve@mitre.org", "url": "http://discussion.treocentral.com/showthread.php?p=1199445&posted=1#post1199445"}, {"source": "cve@mitre.org", "url": "http://osvdb.org/33724"}, {"source": "cve@mitre.org", "url": "http://securityreason.com/securityalert/2260"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/460059/100/0/threaded"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/460328/100/0/threaded"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/460901/100/0/threaded"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/460908/100/0/threaded"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/460911/100/0/threaded"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/460954/100/0/threaded"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/22468"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Vendor Advisory"], "url": "http://www.symantec.com/enterprise/research/SYMSA-2007-002.txt"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32502"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://discussion.treocentral.com/showthread.php?p=1199445&posted=1#post1199445"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://osvdb.org/33724"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securityreason.com/securityalert/2260"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/460059/100/0/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/460328/100/0/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/460901/100/0/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/460908/100/0/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/460911/100/0/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/460954/100/0/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/22468"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Vendor Advisory"], "url": "http://www.symantec.com/enterprise/research/SYMSA-2007-002.txt"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32502"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}