CVE-2009-0396

Severity CVSS v4.0:

Pending analysis

Type:

CWE-20 Input Validation

Publication date:

03/02/2009

Last modified:

09/04/2025

Description

The Sony Ericsson W910i, W660i, K618i, K610i, Z610i, K810i, K660i, W880i, and K530i phones allow remote attackers to cause a denial of service (device reboot or hang-up) via a malformed WAP Push packet to (1) SMS or (2) UDP port 2948.

Impact

Vector 2.0

AV:N/AC:L/Au:N/C:N/I:N/A:C CVSS v2.0 Severity and Metrics:

Base Score: 7.80 HIGH
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C

Attack Vector (AV): Network
Attack Complexity (AC): Low
Authentication (Au): None
Confidentiality (C): None
Integrity (I): None
Availability (A): Complete

Base Score 2.0

7.80

Severity 2.0

HIGH

Vulnerable products and versions

CPE	From	Up to
cpe:2.3:h:sony_ericsson:k530i::::::::
cpe:2.3:h:sony_ericsson:k610i::::::::
cpe:2.3:h:sony_ericsson:k618i::::::::
cpe:2.3:h:sony_ericsson:k660i::::::::
cpe:2.3:h:sony_ericsson:k810i::::::::
cpe:2.3:h:sony_ericsson:w660i::::::::
cpe:2.3:h:sony_ericsson:w880i::::::::
cpe:2.3:h:sony_ericsson:w910i::::::::
cpe:2.3:h:sony_ericsson:z610i::::::::

To consult the complete list of CPE names with products and versions, see this page

CPE	From	Up to
cpe:2.3:h:sony_ericsson:k530i::::::::
cpe:2.3:h:sony_ericsson:k610i::::::::
cpe:2.3:h:sony_ericsson:k618i::::::::
cpe:2.3:h:sony_ericsson:k660i::::::::
cpe:2.3:h:sony_ericsson:k810i::::::::
cpe:2.3:h:sony_ericsson:w660i::::::::
cpe:2.3:h:sony_ericsson:w880i::::::::
cpe:2.3:h:sony_ericsson:w910i::::::::
cpe:2.3:h:sony_ericsson:z610i::::::::

CVE-2009-0396

Description

Impact

Vulnerable products and versions

References to Advisories, Solutions, and Tools