ID
VAR-201111-0330
TITLE
Samsung Omnia 7 'RapidConfig.exe' XML Provision Remote Code Execution Vulnerability
Trust: 0.9
sources:
CNVD: CNVD-2011-4899 //
BID: 50682
DESCRIPTION
Samsung Omnia 7 is a Microsoft system smartphone. Samsung Omnia 7 has a security hole that allows malicious users to control user devices. A security vulnerability exists in the RapiConfig.exe configuration tool for device binding, and any provisioning XML file can be executed through the directory traversal sequence
Trust: 0.81
sources:
CNVD: CNVD-2011-4899 //
BID: 50682
IOT TAXONOMY
| category: | ['Network device'] | sub_category: | - | Trust: 0.6 |
sources:
CNVD: CNVD-2011-4899
AFFECTED PRODUCTS
| vendor: | samsung | model: | omnia 700orarajj6 | scope: | eq | version: | 7 | Trust: 0.9 |
sources:
CNVD: CNVD-2011-4899 //
BID: 50682
THREAT TYPE
network
Trust: 0.3
sources:
BID: 50682
TYPE
Design Error
Trust: 0.3
sources:
BID: 50682
EXTERNAL IDS
| db: | BID | id: | 50682 | Trust: 0.9 |
| db: | CNVD | id: | CNVD-2011-4899 | Trust: 0.6 |
sources:
CNVD: CNVD-2011-4899 //
BID: 50682
REFERENCES
| url: | http://www.securityfocus.com/bid/50682 | Trust: 0.6 |
| url: | http://www.samsung.com/ | Trust: 0.3 |
| url: | http://labs.mwrinfosecurity.com/files/advisories/mwri_samsung-provxml_2011-11-10.pdf | Trust: 0.3 |
sources:
CNVD: CNVD-2011-4899 //
BID: 50682
CREDITS
Alex Plaskett of MWR InfoSecurity.
Trust: 0.3
sources:
BID: 50682
SOURCES
| db: | CNVD | id: | CNVD-2011-4899 |
| db: | BID | id: | 50682 |
LAST UPDATE DATE
2022-05-17T01:43:33.074000+00:00
SOURCES UPDATE DATE
| db: | CNVD | id: | CNVD-2011-4899 | date: | 2011-11-16T00:00:00 |
| db: | BID | id: | 50682 | date: | 2011-11-15T00:00:00 |
SOURCES RELEASE DATE
| db: | CNVD | id: | CNVD-2011-4899 | date: | 2011-11-16T00:00:00 |
| db: | BID | id: | 50682 | date: | 2011-11-15T00:00:00 |