Handspring Visor 1.0 and 1.0.1 with the VisorPhone Springboard module installed allows remote attackers to cause a denial of service (PalmOS crash and VisorPhone database corruption) by sending a large or crafted SMS image.

Network HotSync program in Handspring Visor does not have authentication, which allows remote attackers to retrieve email and files.