SkipNavigation
Home | FAQ | Contact | Privacy Policy
US-CERT
American Flag
  Vulnerability
Notes
Database

Search Vulnerability Notes

Vulnerability Notes Help Information


 
 View Notes By
  Name

ID Number

CVE Name

Date Public

Date Published

Date Updated

Severity Metric
 Other Documents
  Technical Alerts

Technical Bulletins

Alerts

Security Tips
 

Vulnerability Note VU#829400

Research in Motion (RIM) BlackBerry Handheld web browser does not properly handle Java Application Description (JAD) files

Overview

The Research in Motion (RIM) BlackBerry Handheld web browser is vulnerable to a denial of service via a specially crafted Java Application Description (JAD) file.

I. Description

The BlackBerry Handheld web browser does not properly handle malformed JAD files. JAD files in J2ME are used to describe Java applications (icons, size, description, vendor, platform requirements, etc) to the BlackBerry Handheld. From RIM Technical Knowledge Center article KB-04755:

    If the JAD file is formatted to contain a long application name and vendor string (i.e., 256 or more characters) to your BlackBerry device, the browser appears to stop responding.
    ...
    A browser dialog is not properly dismissed. The browser displays the application name or vendor string on the download screen (this appears as several lines). The long application name indicates that there may be problems with the JAD file and caution should be exercised when downloading the application.

II. Impact

By convincing a user to access a specially crafted JAD file, an unauthenticated, remote attacker could cause the browser to hang.

III. Solution

Upgrade

According to RIM Technical Knowledge Center article KB-04755: "Install BlackBerry Device Software 4.0.2 or later. To obtain the most recent version of the device software, contact your service provider."

Bypass browser dialog

To bypass the browser dialog, start a new browser application, or click on a URL from an email message.

Reset BlackBerry Handheld device

If necessary, reset the BlackBerry Handheld by removing and re-inserting the battery.

Systems Affected

VendorStatusDate Updated
Research in Motion (RIM)Vulnerable31-Dec-2005

References


http://events.ccc.de/congress/2005/fahrplan/events/596.en.html
http://www.blackberry.com/knowledgecenterpublic/livelink.exe/fetch/2000/8021/7925/8142/?nodeid=1167791
http://www.blackberry.com/knowledgecenterpublic/livelink.exe/?func=doc.Fetch&nodeId=739746

Credit

This vulnerability was reported by FX of Phenoelit. Thanks to RIM for information used in this document.

This document was written by Art Manion.

Other Information

Date Public12/27/2005
Date First Published12/31/2005 02:59:03 AM
Date Last Updated12/31/2005
CERT Advisory 
CVE-ID(s)CAN-2005-2343
NVD-ID(s)CAN-2005-2343
US-CERT Technical Alerts 
Metric2.46
Document Revision8

If you have feedback, comments, or additional information about this vulnerability, please send us email.
 

 
Page Corner Image
Produced 2005 by US-CERT, a government organization
Disclaimers and copyright information
Get Adobe Reader Get Adobe Reader