CVE-2009-5097 Information
Feb 14, 2021
cve
Description
Palm Pre WebOS 1.1 and earlier processes JavaScript in email messages which allows remote attackers to execute arbitrary JavaScript as demonstrated by reading PalmDatabase.db3.
Reference
http://kb.palm.com/wps/portal/kb/na/pre/p100eww/sprint/solutions/article/50607_en.html12 http://secunia.com/advisories/36936 http://tlhsecurity.blogspot.com/2009/10/palm-pre-webos-11-remote-file-access.html http://www.precentral.net/webos-1-2-fixed-serious-file-security-issue http://www.securitytracker.com/id?1022987
Share on: