CVE-2007-3443

Security News - Security Reviews - Exploits - Tools - UNIX Focus - Windows Focus

SecuriTeam™
Beyond Security®

SecuriTeam™ Home
Ask the Team
Mailing Lists
Advertising Info
Blogs

	SecuriTeam™ in Your Inbox

	E-mail this CVE-2007-3443 to a friend

New vulnerability?
New tool?
Tell us

Credit:

Website Security Scan	Code Vulnerability Test	Network Assessment Tool
Detect hidden vulnerabilities	Exhaustive automated testing	Real-time, continuous security
Get guidance from professionals	of internal or 3rd party code.	scanning for your entire network

Check for CVE-2007-3443

Vulnerability Assessment and Management.
Automated Pen Testing for 50 to 50,000 nodes
beyondsecurity.com/vulnerability-scanner

Vulnerable Systems:
* BlackBerry Internet Service 2.0
* Microsoft Internet Explorer
* T-Mobile My E-mail

A BlackBerry 7270 smartphone receives a malicious SIP INVITE message. When the BlackBerry smartphone user ends a received call, the Phone application does not disconnect the call successfully and stops responding for approximately 30 to 40 seconds, until the BlackBerry 7270 smartphone clears the INVITE transaction state properly. The following problems occur on the BlackBerry smartphone:

* The BlackBerry smartphone continues to transmit responses to the SIP INVITE message.
* When the BlackBerry smartphone user tries to initiate the call, the following error message is displayed:Cannot connect. Call in progress
* The BlackBerry smartphone does not receive incoming calls. The caller receives a busy signal.

Vendor Status:
Blackberry had issued a security update for this vulnerability

Patch Availability:
http://btsc.webapps.blackberry.com/btsc/viewdocument.do?noCount=true&externalId=KB12705&sliceId=1&cmd=displayKC&docType=kc&ViewedDocsListHelper=com.kanisa.apps.common.BaseViewedDocsListHelperImpl

CVE Information:
CVE-2007-3443

Security News - Security Reviews - Exploits - Tools - UNIX Focus - Windows Focus