J-Security Center


Title: Blackberry Handheld JAD File Browser Denial Of Service Vulnerability

Severity: MODERATE

Description:

Blackberry Handheld devices are prone to a denial of service attack. The embedded Web browser will stop responding due to a dialog box that has not been properly dismissed when handling a malformed JAD (Java Application Description) file.

The vulnerability is triggered when the user of the device downloads a malformed JAD file from a Web site. The malformed JAD file specifies a long application name and vendor string of 256 bytes or more.

This issue affects devices running Blackberry Device Software versions prior to 4.0.2.
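
A gateway or content filter can screen JAD descriptors for the condition described above before they reach a handset. The following is an added example, not Juniper's signature or code from this advisory; it assumes the application name and vendor string correspond to the standard MIDlet-Name and MIDlet-Vendor attributes, and it flags either field on its own.

```python
# Added example: flag JAD descriptors whose name or vendor value reaches the
# 256-byte length given in the advisory. The attribute mapping is an assumption.
THRESHOLD = 256  # bytes, from the advisory text
CHECKED = ("midlet-name", "midlet-vendor")  # assumed JAD attribute names


def iter_attrs(data: bytes):
    """Yield (lowercased name, raw value) for every 'Name: value' line."""
    for raw in data.splitlines():
        key, sep, value = raw.partition(b":")
        if not sep:
            continue  # blank or malformed line, not an attribute
        yield key.strip().lower().decode("latin-1"), value.strip()


def oversized_fields(data: bytes, threshold: int = THRESHOLD) -> list:
    """Return (attribute, byte_length) for each checked value >= threshold.

    Every occurrence is inspected, so a short duplicate of the same
    attribute cannot hide an oversized one elsewhere in the file.
    """
    return [(k, len(v)) for k, v in iter_attrs(data)
            if k in CHECKED and len(v) >= threshold]


# Constructed sample descriptors (not taken from any real application).
BENIGN = (b"MIDlet-Name: Demo App\r\nMIDlet-Vendor: Example Co\r\n"
          b"MIDlet-Version: 1.0\r\nMIDlet-Jar-URL: demo.jar\r\n")
SUSPECT = (b"MIDlet-Name: " + b"A" * 256 + b"\r\n"
           b"MIDlet-Vendor: " + b"B" * 300 + b"\r\n"
           b"MIDlet-Version: 1.0\r\n")

if __name__ == "__main__":
    for label, blob in (("benign", BENIGN), ("suspect", SUSPECT)):
        print(label, oversized_fields(blob))
```

Lengths are measured in bytes on the raw value, so multi-byte encodings count toward the threshold the same way the advisory states it.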

Affected Products:

  • Research In Motion Blackberry 7100g 0.0.0
  • Research In Motion Blackberry 7100i 0.0.0
  • Research In Motion Blackberry 7100r 0.0.0
  • Research In Motion Blackberry 7100t 0.0.0
  • Research In Motion Blackberry 7100v 0.0.0
  • Research In Motion Blackberry 7100x 0.0.0
  • Research In Motion Blackberry 7105t 0.0.0
  • Research In Motion Blackberry 7130e 0.0.0
  • Research In Motion Blackberry 7230 3.7.1.41
  • Research In Motion Blackberry 7230 3.8.0
  • Research In Motion Blackberry 7230 4.0.0
  • Research In Motion Blackberry 7250 0.0.0
  • Research In Motion Blackberry 7280 0.0.0
  • Research In Motion Blackberry 7290 0.0.0
  • Research In Motion Blackberry 7520 0.0.0
  • Research In Motion Blackberry 7730 0.0.0
  • Research In Motion Blackberry 7750 0.0.0
  • Research In Motion Blackberry 7780 0.0.0
  • Research In Motion Blackberry 8700c 0.0.0
  • Research In Motion Blackberry 8700f 0.0.0
  • Research In Motion Blackberry 8700r 0.0.0
  • Research In Motion Blackberry Desktop Manager
  • Research In Motion Blackberry Device Software 4.0.0
