Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:16328
HistoryMar 12, 2007 - 12:00 a.m.

[Full-disclosure] RIM BlackBerry Pearl 8100 Browser DoS

2007-03-1200:00:00
vulners.com
8
JSON

RIM BlackBerry Pearl 8100 Browser DoS

12 March 2007

Summary:
A vulnerability has been discovered that could impact upon the availability
of the BlackBerry 8100 Wireless handheld (v4.2.0.51). It is possible for a
remote attacker to construct a WML page that contains an overly long string
value within a link (e.g.: <a href = "aaaaaaaaaaaaaaaaaaa etc.>). Should the
page or link be accessed by BlackBerry devices, this leads to a temporary
Denial of Service within the 4thPass browser component on the device, and
temporary device inoperability. Normal functionality will be returned to the
browser / device after an amount of time relative to the size of the link
supplied, or by physically removing and reinserting the battery thereby
creating a reset.

Business Impact:
Exploitation of this issue can lead to a loss of device functionality.

Affected Product(s):
The BlackBerry 8100 (Pearl) handheld device (v4.2.0.51)

Remediation:
Upgrade to vendor patch 4.2.1

Additional details of this vulnerability are available from the vendor at
www.blackberry.com/security/news.jsp

Credit:
Michael Kemp (www.clappymonkey.com)

JSON