YISTA

BlackBerry Browser DoS Vulnerability

March 14th, 2007 by George Burnett

Michael Kemp has discovered a denial of service issue in the BlackBerry Browser. An BlackBerry device running OS version 4.2 or earlier would be affected as RIM has released a patched version 4.2.1 which fixes this issue.

Here is how the vulnerability works:

  1. Construct a WML page that contains an overly long string value within a link (e.g.: a href=”aaaaaaaaaaaaaaaaaaa” etc.).
  2. Now navigate to this link with your BlackBerry Browser.
  3. Commence temporary Denial of Service within the 4thPass browser component on the device, and temporary device inoperability.

The only ways out of this DoS is to either wait it out or pull the battery. The amount of time you wait is relative to the size of the link causing the attack.

I have personally experienced this with my BlackBerry 8700 though I didn’t know what was causing it at the time.

More info:
RIM Bulletin
BugTraq

[Slashdot] [Digg] [Reddit] [del.icio.us] [Facebook] [Technorati] [Google] [StumbleUpon]
Filed under: Mobiles, Security Article tags: Blackberry

Leave a Reply

Yah, I saw that already too, but just in case you may missed something YISTA is here to keep you up-to-date on the latest hardware, technologies, hacks and caffeinated properties :) Subscribe to our newsletter. Send tips and requests.
Grab our RSS feed   |  Follow us on Twitter YISTA on Twitter

Additional Possibly Related Posts:

  • MacBook Zero-Day @ CanSecWest
  • BlackBerry Internet Service 2.0
  • BGR on the BlackBerry 9000
  • RIM reveals a workaround for the Blackberry
  • Rumored AppleBerry!?

YISTA Sections Show Sections | Hide Sections

  • *nix
  • Apple
  • Arts
  • Audio
  • Caffeine
  • Coding
  • Conferences
  • Design
  • File Sharing
  • Gadgets
  • Games
  • Gaming
  • Google
  • Guides
  • Hacks
  • Hardware
  • Health
  • iPod
  • Laptops
  • Microsoft
  • Mobiles
  • Mods
  • Movies
  • Networking
  • News
  • Nintendo
  • Open Source
  • Parody
  • Rumors
  • Search
  • Security
  • Social Networking
  • Software
  • TV
  • Uncategorized
  • Videos
  • Viruses
  • VoIP
  • Web 2.0
  • Wireless

YISTA Sections Open Cloud Manifesto Leaked OLPC Windows Blue Screen Edition Freevo : A MythTV Alternative Columbus Laboratory Installed To The ISS The Evolution Of Mario, Link & Donkey Kong Douchebag Flowchart Adobe Apollo, Dekoh and Joyent Slingshot launch YouTorrent Brings Ultimate Searchability Video iPod Leaked Pic? Microsoft's “Big Ass Table” Futurama/Simpsons Crossover Comic Inventec UMPC 7-A

Hot Topics

Amazon Apple Arts Blackberry Caffeine code Coding comic compiz Conferences Dell Design DIY DRM Firefox Flickr Google Hacks Hardware iPhone iPod iTunes Linux Macbook Mac OS X Mobiles music Nintendo OLPC Open Source Palm Parody robots Search Security Software space The Pirate Bay torrents Ubuntu Videos VoIP Web 2.0 web app Wii

. Sign up for the YISTA daily email
You will receive our new posts delivered right into your inbox every afternoon. It's free and easy!

Recent Comments

Steampunk Star Wars
03/10/2010 05:39 pm
2 Comments
Fujitsu ScanSnap S510 Mac Hack Download
03/10/2010 07:07 am
3 Comments
Lazy Sunday Live on Late Night w/ Jimmy Fallon
03/09/2010 10:18 am
2 Comments
SNL’s “Lazy Sunday”

1 Comment

Recent Posts

Lazy Sunday Live on Late Night w/ Jimmy Fallon
03/09/2010
Fujitsu ScanSnap S510 Mac Hack Download
03/01/2010
Android Mini Collectibles
02/03/2010
Chromium Concept Touch UI Under Development
02/02/2010
Pyxis is a Professional Arduino OS
02/02/2010

About YISTA

YISTA is the No. 1 technologist's guide for geeks. w00t indeed!

Subscribe: Newsletter | RSS Feed RSS

Browse: The Archives

Contact: Tips & Requests | Advertise

Copyright © 2005-2008 YISTA. All rights reserved.  Proudly powered by WordPress.