CVE-2000-1008

PalmOS <3.5.2 - Info Disclosure

Title source: llm

Description

PalmOS 3.5.2 and earlier uses weak encryption to store the user password, which allows attackers with physical access to the Palm device to decrypt the password and gain access to the device.

Exploits (1)

exploitdb WRITEUP VERIFIED

by @stake · textlocalpalm_os

https://www.exploit-db.com/exploits/20241

View Code ZIP pw:eip

References (2)

Core 2

Core References

Exploit, Patch, Vendor Advisory vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/1715

Exploit, Patch, Vendor Advisory vendor-advisory x_refsource_atstake

http://www.atstake.com/research/advisories/2000/a092600-1.txt

Scores

EPSS 0.0049

EPSS Percentile 65.6%

Details

Status published

Products (1)

palm/palm_os < 3.5.2

Published Dec 11, 2000

Tracked Since Feb 18, 2026