This CPE summary could be partial or incomplete. Please contact us for a detailed listing.


Vendor Hp First view 2010-10-28
Product Palm Webos Last view 2010-12-08
Version 1.4.1 Type Os
Update *  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
CPE Product cpe:2.3:o:hp:palm_webos

Activity : Overall

Related : CVE

  Date Alert Description
4.3 2010-12-08 CVE-2010-4109

Cross-site scripting (XSS) vulnerability in the Contacts Application in HP Palm webOS before 2.0 allows remote attackers to inject arbitrary web script or HTML via a crafted vCard file.

5.6 2010-10-28 CVE-2010-4027

Unspecified vulnerability in the camera application in HP Palm webOS 1.4.1 allows local users to overwrite arbitrary files via unknown vectors.

6.2 2010-10-28 CVE-2010-4026

Unspecified vulnerability in the service API in HP Palm webOS 1.4.1 allows local users to gain privileges by leveraging the ability to perform certain service calls.

9.3 2010-10-28 CVE-2010-4025

Unspecified vulnerability in Doc Viewer in HP Palm webOS 1.4.1 allows remote attackers to execute arbitrary code via a crafted document, as demonstrated by a Word document.

CWE : Common Weakness Enumeration

100% (1) CWE-79 Failure to Preserve Web Page Structure ('Cross-site Scripting')

Open Source Vulnerability Database (OSVDB)

id Description
69600 HP Palm WebOS Contacts Application Crafted vCard XSS
69211 HP Palm webOS Camera Application Unspecified Arbitrary File Overwrite
69210 HP Palm webOS Service API Unspecified Service Call Local Privilege Escalation
69209 HP Palm webOS Doc Viewer Crafted Word Document Arbitrary Code Execution