返回 CVE 浏览器

CVE-2009-5098

MEDIUM

5.4

CVSS Severity Score

EPSS Score0.1490%

EPSS Percentile35.47th

Published2011年9月13日

Last Modified2026年4月29日

Vulnerability Description

The LunaSysMgr process in Palm Pre WebOS 1.1 and earlier, when not viewing web pages in landscape mode, allows remote attackers to cause a denial of service (crash) via a web page containing a long string following a refresh tag, which triggers a floating point exception.

Affected Platforms (CPE)

💻

Hp

Palm Pre Webos

<= 1.1.0

💻

Hp

Palm Pre Webos

= 1.0.2

💻

Hp

Palm Pre Webos

= 1.0.3

💻

Hp

Palm Pre Webos

= 1.0.4

References & Advisories

🔗 http://kb.palm.com/wps/portal/kb/na/pre/p100eww/sprint/solutions/article/50607_en.html#12

🔗 http://secunia.com/advisories/36936

🔗 http://securityreason.com/securityalert/8373

🔗 http://tlhsecurity.blogspot.com/2009/10/palm-pre-webos-version-11-floating.html

🔗 http://www.securityfocus.com/archive/1/507126/100/0/threaded

🔗 http://kb.palm.com/wps/portal/kb/na/pre/p100eww/sprint/solutions/article/50607_en.html#12

🔗 http://secunia.com/advisories/36936

🔗 http://securityreason.com/securityalert/8373

相关漏洞威胁

CVE-2009-507110.0

Unspecified vulnerability in Palm Pre WebOS before 1.2.1 has unknown impact and attack vectors related to an "included contact tem...

CVE-2009-50977.1

Palm Pre WebOS 1.1 and earlier processes JavaScript in email messages, which allows remote attackers to execute arbitrary JavaScri...

CVE-2009-121010.0

Format string vulnerability in the PROFINET/DCP (PN-DCP) dissector in Wireshark 1.0.6 and earlier allows remote attackers to execu...

CVE-2009-152010.0

Buffer overflow in the Web GUI in the IBM Tivoli Storage Manager (TSM) client 5.1.0.0 through 5.1.8.2, 5.2.0.0 through 5.2.5.3, 5....