Vulnerability Description
GUI overlay vulnerability in the Java API in Siemens S55 cellular phones allows remote attackers to send unauthorized SMS messages by overlaying a confirmation message with a malicious message.
CVSS Score
3.7
LOW
AV:L/AC:H/Au:N/C:P/I:P/A:P
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Siemens | S55 | 09.2179 |
References
- http://marc.info/?l=full-disclosure&m=108308895624565&w=2
- http://marc.info/?l=full-disclosure&m=108325033624812&w=2
- http://secunia.com/advisories/11492Vendor Advisory
- http://securitytracker.com/alerts/2004/Apr/1009959.html
- http://www.osvdb.org/5703
- http://www.securityfocus.com/bid/10227Exploit
- https://exchange.xforce.ibmcloud.com/vulnerabilities/15995
- http://marc.info/?l=full-disclosure&m=108308895624565&w=2
- http://marc.info/?l=full-disclosure&m=108325033624812&w=2
- http://secunia.com/advisories/11492Vendor Advisory
- http://securitytracker.com/alerts/2004/Apr/1009959.html
- http://www.osvdb.org/5703
- http://www.securityfocus.com/bid/10227Exploit
- https://exchange.xforce.ibmcloud.com/vulnerabilities/15995
FAQ
What is CVE-2004-2626?
CVE-2004-2626 is a vulnerability with a CVSS score of 3.7 (LOW). GUI overlay vulnerability in the Java API in Siemens S55 cellular phones allows remote attackers to send unauthorized SMS messages by overlaying a confirmation message with a malicious message.
How severe is CVE-2004-2626?
CVE-2004-2626 has been rated LOW with a CVSS base score of 3.7/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2004-2626?
Check the references section above for vendor advisories and patch information. Affected products include: Siemens S55.