CVE-2007-3442

Security News - Security Reviews - Exploits - Tools - UNIX Focus - Windows Focus

SecuriTeam™
Beyond Security®

SecuriTeam™ Home
Ask the Team
Mailing Lists
Advertising Info
Blogs

	SecuriTeam™ in Your Inbox

	E-mail this CVE-2007-3442 to a friend

New vulnerability?
New tool?
Tell us

Credit:
The information has been provided by Sipera .

Website Security Scan	Code Vulnerability Test	Network Assessment Tool
Detect hidden vulnerabilities	Exhaustive automated testing	Real-time, continuous security
Get guidance from professionals	of internal or 3rd party code.	scanning for your entire network

Check for CVE-2007-3442

Vulnerability Assessment and Management.
Automated Pen Testing for 50 to 50,000 nodes
beyondsecurity.com/vulnerability-scanner

Vulnerable Systems:
* BlackBerry 7270 smartphone
* BlackBerry Device Software 4.0 Service Pack 1 Bundle 83 and earlier

A DoS may occur in the Phone application of the BlackBerry 7270 smartphone.

A person with malicious intent sends a malformed SIP INVITE message that includes a Uniform Resource Identifier (URI) with a user name, but no host name in the Contact header to the BlackBerry 7270 smartphone. As a result, format string vulnerabilities on the BlackBerry smartphone may prevent the BlackBerry smartphone user from making a call using the Phone application on the BlackBerry 7270 smartphone.

Vendor Status:
Blackberry had issued a security update for this vulnerability

Patch Availability:
http://btsc.webapps.blackberry.com/btsc/viewdocument.do?noCount=true&externalId=KB12707&sliceId=1&cmd=displayKC&docType=kc&ViewedDocsListHelper=com.kanisa.apps.common.BaseViewedDocsListHelperImpl

CVE Information:
CVE-2007-3442

Security News - Security Reviews - Exploits - Tools - UNIX Focus - Windows Focus