The Find feature in Palm OS Treo smart phones operates despite the system password lock, which allows attackers with physical access to obtain sensitive information (memory contents) by doing (1) text searches or (2) paste operations after pressing certain keyboard shortcut keys.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Treo | Palm | 650 (including) | 650 (including) |
| Treo | Palm | 680 (including) | 680 (including) |
| Treo | Palm | 700p (including) | 700p (including) |
References
- http://discussion.treocentral.com/showthread.php?p=1199445\u0026posted=1#post1199445
- http://osvdb.org/33724
- http://securityreason.com/securityalert/2260
- http://www.securityfocus.com/archive/1/460059/100/0/threaded
- http://www.securityfocus.com/archive/1/460328/100/0/threaded
- http://www.securityfocus.com/archive/1/460901/100/0/threaded
- http://www.securityfocus.com/archive/1/460908/100/0/threaded
- http://www.securityfocus.com/archive/1/460911/100/0/threaded
- http://www.securityfocus.com/archive/1/460954/100/0/threaded
- http://www.securityfocus.com/bid/22468
- http://www.symantec.com/enterprise/research/SYMSA-2007-002.txt
- https://exchange.xforce.ibmcloud.com/vulnerabilities/32502
- http://discussion.treocentral.com/showthread.php?p=1199445\u0026posted=1#post1199445
- http://osvdb.org/33724
- http://securityreason.com/securityalert/2260
- http://www.securityfocus.com/archive/1/460059/100/0/threaded
- http://www.securityfocus.com/archive/1/460328/100/0/threaded
- http://www.securityfocus.com/archive/1/460901/100/0/threaded
- http://www.securityfocus.com/archive/1/460908/100/0/threaded
- http://www.securityfocus.com/archive/1/460911/100/0/threaded
- http://www.securityfocus.com/archive/1/460954/100/0/threaded
- http://www.securityfocus.com/bid/22468
- http://www.symantec.com/enterprise/research/SYMSA-2007-002.txt
- https://exchange.xforce.ibmcloud.com/vulnerabilities/32502