A vulnerability has been discovered that could impact upon the availability of the BlackBerry 8100 Wireless handheld version 4.2.0.51.
eebfd477932c88afd67e2c6ffb83fcbaf17f3eb7fd4b2ae480ab2bc44d5a136fRIM BlackBerry Pearl 8100 Browser DoS
------
12 March 2007
Summary:
A vulnerability has been discovered that could impact upon the availability of the BlackBerry 8100 Wireless handheld (v4.2.0.51). It is possible for a remote attacker to construct a WML page that contains an overly long string value within a link (e.g.: <a href = "aaaaaaaaaaaaaaaaaaa etc.>). Should the page or link be accessed by BlackBerry devices, this leads to a temporary Denial of Service within the 4thPass browser component on the device, and temporary device inoperability. Normal functionality will be returned to the browser / device after an amount of time relative to the size of the link supplied, or by physically removing and reinserting the battery thereby creating a reset.
Business Impact:
Exploitation of this issue can lead to a loss of device functionality.
Affected Product(s):
The BlackBerry 8100 (Pearl) handheld device (v4.2.0.51)
Remediation:
Upgrade to vendor patch 4.2.1
Additional details of this vulnerability are available from the vendor at www.blackberry.com/security/news.jsp
Credit:
Michael Kemp (www.clappymonkey.com)
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed