CVE-2007-2590

2007-05-1103:55:00

mitre

www.cve.org

6.3 Medium

AI Score

Confidence

Low

0.01 Low

EPSS

Percentile

84.0%

JSON

Nokia Intellisync Mobile Suite 6.4.31.2, 6.6.0.107, and 6.6.2.2, possibly involving Novell Groupwise Mobile Server and Nokia Intellisync Wireless Email Express, allows remote attackers to obtain user names and other sensitive information via a direct request to (1) usrmgr/userList.asp or (2) usrmgr/userStatusList.asp.

References

osvdb.org/34514

secunia.com/advisories/25212

securityreason.com/securityalert/2689

www.sec-consult.com/289.html

www.securityfocus.com/archive/1/468048/100/0/threaded

www.vupen.com/english/advisories/2007/1727