A vulnerability was found in Nokia 9500 (unknown version). It has been classified as problematic. This affects an unknown code block. The manipulation with an unknown input leads to a denial of service vulnerability. CWE is classifying the issue as CWE-404. The product does not release or incorrectly releases a resource before it is made available for re-use. This is going to have an impact on availability. The summary by CVE is:

The vCard viewer in Nokia 9500 allows attackers to cause a denial of service (crash) via a vCard with a long Name field, which causes the crash when the user views it.

The weakness was shared 05/26/2005 by Marek Bialoglowy (Website). It is possible to read the advisory at securityfocus.com. This vulnerability is uniquely identified as CVE-2005-1801 since 06/01/2005. The exploitability is told to be difficult. It is possible to initiate the attack remotely. No form of authentication is needed for exploitation. Technical details are unknown but a public exploit is available.

The exploit is shared for download at exploit-db.com. It is declared as proof-of-concept.

There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.

The vulnerability is also documented in the databases at Exploit-DB (25736) and SecurityFocus (BID 13784†). The entry VDB-25401 is related to this item. Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Productinfo

Vendor

• Nokia

Name

• 9500

License

• commercial

CPE 2.3info

• 🔍

CPE 2.2info

• 🔍

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

Discussion