YISTA

BlackBerry Browser DoS Vulnerability

March 14th, 2007 by George Burnett

Michael Kemp has discovered a denial of service issue in the BlackBerry Browser. An BlackBerry device running OS version 4.2 or earlier would be affected as RIM has released a patched version 4.2.1 which fixes this issue.

Here is how the vulnerability works:

  1. Construct a WML page that contains an overly long string value within a link (e.g.: a href=”aaaaaaaaaaaaaaaaaaa” etc.).
  2. Now navigate to this link with your BlackBerry Browser.
  3. Commence temporary Denial of Service within the 4thPass browser component on the device, and temporary device inoperability.

The only ways out of this DoS is to either wait it out or pull the battery. The amount of time you wait is relative to the size of the link causing the attack.

I have personally experienced this with my BlackBerry 8700 though I didn’t know what was causing it at the time.

More info:
RIM Bulletin
BugTraq

[Slashdot] [Digg] [Reddit] [del.icio.us] [Facebook] [Technorati] [Google] [StumbleUpon]
Filed under: Mobiles, Security Article tags: Blackberry

Leave a Reply

Yah, I saw that already too, but just in case you may missed something YISTA is here to keep you up-to-date on the latest hardware, technologies, hacks and caffeinated properties :) Subscribe to our newsletter. Send tips and requests.
Grab our RSS feed  .

Additional Possibly Related Posts:

  • MacBook Zero-Day @ CanSecWest
  • BlackBerry Internet Service 2.0
  • BGR on the BlackBerry 9000
  • RIM reveals a workaround for the Blackberry
  • Rumored AppleBerry!?

YISTA Sections Show Sections | Hide Sections

  • *nix
  • Apple
  • Arts
  • Audio
  • Caffeine
  • Coding
  • Conferences
  • Design
  • File Sharing
  • Gadgets
  • Gaming
  • Google
  • Guides
  • Hacks
  • Hardware
  • iPod
  • Laptops
  • Microsoft
  • Mobiles
  • Mods
  • Movies
  • Networking
  • News
  • Open Source
  • Parody
  • Rumors
  • Search
  • Security
  • Social Networking
  • Software
  • TV
  • Uncategorized
  • Videos
  • Viruses
  • VoIP
  • Web 2.0
  • Wireless

YISTA Sections OLPC Windows Blue Screen Edition Order Google Search Results By Time Steampunk Star Wars Demonoid Returns Create MPEGs of Your Favorite YouTube Videos RC4 Encrypt Your Torrents Portable Mobile 3G to Wi-Fi Hotspot Device OBEY Ubuntu Posters Klikk Camera Mount BlackBerrys & iPhones - The Comic The Library Of Congress Goes Web 2.* Wii Fit To Hit US In Q2

Hot Topics

Apple Arts AT&T Blackberry Caffeine code Coding comic compiz Conferences Dell Design DIY DRM Firefox Flickr Gaming Google Hacks iPhone iPod iTunes Linux Macbook Mac OS X Mobiles music Nintendo OLPC Open Source Parody robots Search Security Software The Pirate Bay torrents TV Ubuntu Videos VoIP Web 2.0 web app Wii

. Sign up for the YISTA daily email
You will receive our new posts delivered right into your inbox every afternoon. It's free and easy!

Recent Comments

iPhone Video Conference Hack
08/13/2008 07:02 pm
2 Comments
Trinome? A Monome Clone
07/24/2008 12:52 am
1 Comment
All Aboard the Internet Omnibus
06/06/2008 12:44 pm
2 Comments
All Colors Together - Obama Poster
05/24/2008 05:24 pm
3 Comments

Recent Posts

Welcome to the World of Tomorrow!
08/22/2008
Eclipse Code Swarm
06/17/2008
BMW’s Flexible GINA
06/11/2008
Hive Mind Robot Swarms By 2025
06/08/2008
Deathstar Cantina Comedy
05/31/2008

About YISTA

YISTA is the No. 1 technologist's guide for geeks. w00t indeed!

Subscribe: Newsletter | RSS Feed RSS

Browse: The Archives

Contact: Tips & Requests | Advertise

Copyright © 2005-2008 YISTA. All rights reserved.  Proudly powered by WordPress.