Vulnerability CVE-2004-1597

Vulnerability CVE-2004-1597

Published: 2004-10-13 Modified: 2012-02-12

Description:

RIM Blackberry 7230 running RIM Blackberry OS 3.7 SP1 allows remote attackers to cause a denial of service (device reboot and possibly data corruption) via a calendar message with a long Location field, which triggers a watchdog while the message is being stored.

CVSS2 => (AV:N/AC:L/Au:N/C:N/I:N/A:P)

CVSS Base Score	Impact Subscore	Exploitability Subscore
5/10	2.9/10	10/10

Exploit range	Attack complexity	Authentication
Remote	Low	No required
Confidentiality impact	Integrity impact	Availability impact
None	None	Partial

Affected software
RIM -> Blackberry

References:

http://xforce.iss.net/xforce/xfdb/17700

http://www.securityfocus.com/bid/11389

http://www.blackberry.com/knowledgecenterpublic/livelink.exe/fetch/2000/8021/7925/8142/Known_%20Issues_-_HexView_advisory_on_BlackBerry_buffer_overflow,_DoS,_and_data_loss.html?nodeid=737173&vernum=0

http://secunia.com/advisories/12814

http://www.hexview.com/docs/20041012-1.txt

http://marc.theaimsgroup.com/?l=bugtraq&m=109778267829493&w=2

http://marc.theaimsgroup.com/?l=bugtraq&m=109769022430842&w=2

http://lists.grok.org.uk/pipermail/full-disclosure/2004-October/027487.html

Vulnerability CVE-2004-1597

RIM Blackberry 7230 running RIM Blackberry OS 3.7 SP1 allows remote attackers to cause a denial of service (device reboot and possibly data corruption) via a calendar message with a long Location field, which triggers a watchdog while the message is being stored.

CVSS2 => (AV:N/AC:L/Au:N/C:N/I:N/A:P)

5/10

2.9/10

10/10

Remote

Low

No required

None

None

Partial

Affected software

References: