J-Security Center

Title: Research In Motion Blackberry Remote Denial of Service Vulnerability

Severity: HIGH

Description:

The Research In Motion Blackberry 7230 is a wireless device designed to facilitate remote, portable access to email, Internet, and telephone services.

The Research In Motion Blackberry 7230 is affected by a remote denial of service vulnerability. This issue is due to the device attempting to copy a long message in to flash memory.

The problem presents itself when a meeting request message is sent from Microsoft Outlook that contains a string passed through the 'location:' field that is longer than 131072 (128kb) characters. Apparently the device will attempt to copy the malicious string into flash memory and restart.

It is reported that the condition results because a watchdog timer times out during the memory copy. This will facilitate the loss of any email messages stored on the device. An attacker can carry out a sustained denial of service attack by sending continuous malicious messages to the device.

Although this issue reportedly only affects the blackberry 7230 with firmware version 3.7.1.41 it is likely that other versions are affected as well.

Update: This issue was originally identified as a buffer overflow vulnerability. New information suggests that it is only a remote denial of service condition. This BID is being updated to reflect this information.

Affected Products:

  • Research In Motion Blackberry 7230 3.7.1 .41

References:

Juniper Networks provides this content via a wide variety of sources and production methods. If notified of errors or omissions in the content of this page, Juniper Networks, at its discretion, will modify or remove the page or leave the content as is, depending on various factors including but not limited to the reputation and authority of the party providing the notification. Please use the contact information displayed elsewhere on this page to report any errors or omissions regarding the content on this page.