CVE-2008-5825 - OpenCVE

The SmartPoster implementation on the Nokia 6131 Near Field Communication (NFC) phone with 05.12 firmware does not properly display the URI record when the Title record contains a certain combination of space, CR (aka \r), and . (dot) characters, which allows remote attackers to trick a user into loading an arbitrary URI via a crafted NDEF tag, as demonstrated by (1) an http: URI for a malicious web site, (2) a tel: URI for a premium-rate telephone number, and (3) an sms: URI that triggers purchase of a ringtone.

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity High

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

AV:N/AC:H/Au:N/C:N/I:P/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Nokia	6131 Nfc

Configuration 1 [-]

cpe:2.3:h:nokia:6131_nfc:05.12:*:*:*:*:*:*:*

References

Link	Resource
http://archives.neohapsis.com/archives/bugtraq/2008-08/0186.html
http://archives.neohapsis.com/archives/fulldisclosure/2008-08/0344.html	Exploit
http://events.ccc.de/congress/2008/Fahrplan/attachments/1109_collin_mulliner_eusecwest08_attacking_nfc_phones_slim.pdf
http://events.ccc.de/congress/2008/Fahrplan/events/2639.en.html
http://www.mulliner.org/nfc/feed/collin_mulliner_25c3_attacking_nfc_phones.pdf
http://www.mulliner.org/nfc/feed/collin_mulliner_eusecwest08_attacking_nfc_phones.pdf
http://www.mulliner.org/security/advisories/nokia6131nfc_uri_spoofing_and_dos_advisory.txt	Exploit
http://www.securityfocus.com/bid/30716
https://exchange.xforce.ibmcloud.com/vulnerabilities/44527

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2009-01-02T19:00:00

Updated: 2017-08-07T12:57:01

Reserved: 2009-01-02T00:00:00

Link: CVE-2008-5825

JSON object: View

NVD Information

Status : Modified

Published: 2009-01-02T19:30:01.797

Modified: 2017-08-08T01:33:33.827

Link: CVE-2008-5825

JSON object: View

Redhat Information

No data.

CWE

CWE-59

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2008-12-29T00:00:00", "descriptions": [{"lang": "en", "value": "The SmartPoster implementation on the Nokia 6131 Near Field Communication (NFC) phone with 05.12 firmware does not properly display the URI record when the Title record contains a certain combination of space, CR (aka \\r), and . (dot) characters, which allows remote attackers to trick a user into loading an arbitrary URI via a crafted NDEF tag, as demonstrated by (1) an http: URI for a malicious web site, (2) a tel: URI for a premium-rate telephone number, and (3) an sms: URI that triggers purchase of a ringtone."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-08-07T12:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "http://www.mulliner.org/nfc/feed/collin_mulliner_eusecwest08_attacking_nfc_phones.pdf"}, {"name": "30716", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/30716"}, {"tags": ["x_refsource_MISC"], "url": "http://www.mulliner.org/security/advisories/nokia6131nfc_uri_spoofing_and_dos_advisory.txt"}, {"tags": ["x_refsource_MISC"], "url": "http://events.ccc.de/congress/2008/Fahrplan/attachments/1109_collin_mulliner_eusecwest08_attacking_nfc_phones_slim.pdf"}, {"tags": ["x_refsource_MISC"], "url": "http://events.ccc.de/congress/2008/Fahrplan/events/2639.en.html"}, {"name": "nokia-6131-ndef-uri-spoofing(44527)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44527"}, {"name": "20080816 Nokia 6131 NFC URI/URL Spoofing and DoS Advisory", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://archives.neohapsis.com/archives/bugtraq/2008-08/0186.html"}, {"tags": ["x_refsource_MISC"], "url": "http://www.mulliner.org/nfc/feed/collin_mulliner_25c3_attacking_nfc_phones.pdf"}, {"name": "20080816 Nokia 6131 NFC URI/URL Spoofing and DoS Advisory", "tags": ["mailing-list", "x_refsource_FULLDISC"], "url": "http://archives.neohapsis.com/archives/fulldisclosure/2008-08/0344.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2008-5825", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The SmartPoster implementation on the Nokia 6131 Near Field Communication (NFC) phone with 05.12 firmware does not properly display the URI record when the Title record contains a certain combination of space, CR (aka \\r), and . (dot) characters, which allows remote attackers to trick a user into loading an arbitrary URI via a crafted NDEF tag, as demonstrated by (1) an http: URI for a malicious web site, (2) a tel: URI for a premium-rate telephone number, and (3) an sms: URI that triggers purchase of a ringtone."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://www.mulliner.org/nfc/feed/collin_mulliner_eusecwest08_attacking_nfc_phones.pdf", "refsource": "MISC", "url": "http://www.mulliner.org/nfc/feed/collin_mulliner_eusecwest08_attacking_nfc_phones.pdf"}, {"name": "30716", "refsource": "BID", "url": "http://www.securityfocus.com/bid/30716"}, {"name": "http://www.mulliner.org/security/advisories/nokia6131nfc_uri_spoofing_and_dos_advisory.txt", "refsource": "MISC", "url": "http://www.mulliner.org/security/advisories/nokia6131nfc_uri_spoofing_and_dos_advisory.txt"}, {"name": "http://events.ccc.de/congress/2008/Fahrplan/attachments/1109_collin_mulliner_eusecwest08_attacking_nfc_phones_slim.pdf", "refsource": "MISC", "url": "http://events.ccc.de/congress/2008/Fahrplan/attachments/1109_collin_mulliner_eusecwest08_attacking_nfc_phones_slim.pdf"}, {"name": "http://events.ccc.de/congress/2008/Fahrplan/events/2639.en.html", "refsource": "MISC", "url": "http://events.ccc.de/congress/2008/Fahrplan/events/2639.en.html"}, {"name": "nokia-6131-ndef-uri-spoofing(44527)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44527"}, {"name": "20080816 Nokia 6131 NFC URI/URL Spoofing and DoS Advisory", "refsource": "BUGTRAQ", "url": "http://archives.neohapsis.com/archives/bugtraq/2008-08/0186.html"}, {"name": "http://www.mulliner.org/nfc/feed/collin_mulliner_25c3_attacking_nfc_phones.pdf", "refsource": "MISC", "url": "http://www.mulliner.org/nfc/feed/collin_mulliner_25c3_attacking_nfc_phones.pdf"}, {"name": "20080816 Nokia 6131 NFC URI/URL Spoofing and DoS Advisory", "refsource": "FULLDISC", "url": "http://archives.neohapsis.com/archives/fulldisclosure/2008-08/0344.html"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2008-5825", "datePublished": "2009-01-02T19:00:00", "dateReserved": "2009-01-02T00:00:00", "dateUpdated": "2017-08-07T12:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:nokia:6131_nfc:05.12:*:*:*:*:*:*:*", "matchCriteriaId": "EDFC8440-A930-409A-9235-D1DF479E8C1E", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "The SmartPoster implementation on the Nokia 6131 Near Field Communication (NFC) phone with 05.12 firmware does not properly display the URI record when the Title record contains a certain combination of space, CR (aka \\r), and . (dot) characters, which allows remote attackers to trick a user into loading an arbitrary URI via a crafted NDEF tag, as demonstrated by (1) an http: URI for a malicious web site, (2) a tel: URI for a premium-rate telephone number, and (3) an sms: URI that triggers purchase of a ringtone."}, {"lang": "es", "value": "La implementaci\u00f3n del tel\u00e9fono Nokia 6131 Near Field Communication (NFC) con firmware v05.12 no muestra de forma adecuada el registro URI cuando el registro Title contiene una combinaci\u00f3n precisa de los caracteres: espacios, CR (tambi\u00e9n conocidos como \\r), y . (punto), lo que permite a atacantes remotos enga\u00f1ar al usuario a cargar una URI de su elecci\u00f3n a trav\u00e9s de una etiqueta NDEF manipulada, como se demostr\u00f3 en (1) http: URI para sitio web malicioso, (2) un tel\u00e9fono: URI para un n\u00famero de tel\u00e9fono de tasa premium y (3) un SMS: URI que produce una compra de un tono para el m\u00f3vil."}], "id": "CVE-2008-5825", "lastModified": "2017-08-08T01:33:33.827", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 2.6, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:H/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 4.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}]}, "published": "2009-01-02T19:30:01.797", "references": [{"source": "cve@mitre.org", "url": "http://archives.neohapsis.com/archives/bugtraq/2008-08/0186.html"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://archives.neohapsis.com/archives/fulldisclosure/2008-08/0344.html"}, {"source": "cve@mitre.org", "url": "http://events.ccc.de/congress/2008/Fahrplan/attachments/1109_collin_mulliner_eusecwest08_attacking_nfc_phones_slim.pdf"}, {"source": "cve@mitre.org", "url": "http://events.ccc.de/congress/2008/Fahrplan/events/2639.en.html"}, {"source": "cve@mitre.org", "url": "http://www.mulliner.org/nfc/feed/collin_mulliner_25c3_attacking_nfc_phones.pdf"}, {"source": "cve@mitre.org", "url": "http://www.mulliner.org/nfc/feed/collin_mulliner_eusecwest08_attacking_nfc_phones.pdf"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://www.mulliner.org/security/advisories/nokia6131nfc_uri_spoofing_and_dos_advisory.txt"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/30716"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44527"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-59"}], "source": "nvd@nist.gov", "type": "Primary"}]}