- Description
- The LunaSysMgr process in Palm Pre WebOS 1.1 and earlier, when not viewing web pages in landscape mode, allows remote attackers to cause a denial of service (crash) via a web page containing a long string following a refresh tag, which triggers a floating point exception.
- Source
- cve@mitre.org
- NVD status
- Modified
CVSS 2.0
- Type
- Primary
- Base score
- 5.4
- Impact score
- 6.9
- Exploitability score
- 4.9
- Vector string
- AV:N/AC:H/Au:N/C:N/I:N/A:C
- nvd@nist.gov
- CWE-399
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:palm_pre_webos:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "26D8E6DF-FA92-4A14-8701-8049BA053F2E",
"versionEndIncluding": "1.1.0"
},
{
"criteria": "cpe:2.3:o:hp:palm_pre_webos:1.0.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9B50EAFC-68AC-4E87-9ADD-032C8432E6D1"
},
{
"criteria": "cpe:2.3:o:hp:palm_pre_webos:1.0.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A912CC8D-70EF-4D69-96D9-899D8B91CC3C"
},
{
"criteria": "cpe:2.3:o:hp:palm_pre_webos:1.0.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "07ABE032-0F75-446D-802C-8448D004DD3C"
}
],
"operator": "OR"
}
]
}
]