FKIE_CVE-2005-2343

Vulnerability from fkie_nvd - Published: 2005-12-31 05:00 - Updated: 2025-04-03 01:03
Severity ?
Summary
Research in Motion (RIM) BlackBerry Handheld web browser for BlackBerry Handheld before 4.0.2 allows remote attackers to cause a denial of service (hang) via a Java Application Description (JAD) file with a long application name and vendor string, which prevents a browser dialog from being properly dismissed.
References
cret@cert.orghttp://securitytracker.com/id?1015428
cret@cert.orghttp://www.blackberry.com/knowledgecenterpublic/livelink.exe/fetch/2000/8021/7925/8142/?nodeid=1167791
cret@cert.orghttp://www.kb.cert.org/vuls/id/829400Third Party Advisory, US Government Resource
cret@cert.orghttp://www.securityfocus.com/bid/16099
cret@cert.orghttp://www.vupen.com/english/advisories/2006/0011
af854a3a-2127-422b-91ae-364da2661108http://securitytracker.com/id?1015428
af854a3a-2127-422b-91ae-364da2661108http://www.blackberry.com/knowledgecenterpublic/livelink.exe/fetch/2000/8021/7925/8142/?nodeid=1167791
af854a3a-2127-422b-91ae-364da2661108http://www.kb.cert.org/vuls/id/829400Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/16099
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2006/0011
Impacted products
Vendor Product Version
rim blackberry_desktop_manager 4.0
rim blackberry_device_software 4.0
rim blackberry 7100g
rim blackberry 7100i
rim blackberry 7100r
rim blackberry 7100t
rim blackberry 7100v
rim blackberry 7100x
rim blackberry 7105t
rim blackberry 7130e
rim blackberry 7230_3.7.1_.41
rim blackberry 7230_3.8
rim blackberry 7230_4.0
rim blackberry 7250
rim blackberry 7280
rim blackberry 7290
rim blackberry 7520
rim blackberry 7730
rim blackberry 7750
rim blackberry 7780
rim blackberry 8700c
rim blackberry 8700f
rim blackberry 8700r
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:rim:blackberry_desktop_manager:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D9477C1A-2072-4362-BD67-27C721E7E805",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rim:blackberry_device_software:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "500A2D65-7220-4252-856F-052EA40EFB12",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:rim:blackberry:7100g:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE6C1404-8B96-460C-9060-04C402E23AF1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rim:blackberry:7100i:*:*:*:*:*:*:*",
              "matchCriteriaId": "E08E215F-7EF3-4012-8D14-689EE1550A67",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rim:blackberry:7100r:*:*:*:*:*:*:*",
              "matchCriteriaId": "67CD32AF-AB92-4215-9062-BB3E97444518",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rim:blackberry:7100t:*:*:*:*:*:*:*",
              "matchCriteriaId": "ECE29076-C3FD-475A-AE95-41E78596AC75",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rim:blackberry:7100v:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD365609-508D-4501-86DB-2D510F0F1071",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rim:blackberry:7100x:*:*:*:*:*:*:*",
              "matchCriteriaId": "6142B7E1-002A-4BA5-A062-2614029FCA30",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rim:blackberry:7105t:*:*:*:*:*:*:*",
              "matchCriteriaId": "AFBCA036-2636-451D-A03F-20D4B2837D8D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rim:blackberry:7130e:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBA64687-7D57-4630-A948-A4C510164AEC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rim:blackberry:7230_3.7.1_.41:*:*:*:*:*:*:*",
              "matchCriteriaId": "3AC44A87-CE11-48F8-BBF1-7971784D4A43",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rim:blackberry:7230_3.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "C7FE590B-9A8A-4839-91F9-941B192EA2C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rim:blackberry:7230_4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B5080187-373E-47FE-9970-30049690E632",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rim:blackberry:7250:*:*:*:*:*:*:*",
              "matchCriteriaId": "49E4214E-8D31-4E0C-8266-89D228605A13",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rim:blackberry:7280:*:*:*:*:*:*:*",
              "matchCriteriaId": "5038858C-709E-4C0D-80A9-41E8A3D07633",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rim:blackberry:7290:*:*:*:*:*:*:*",
              "matchCriteriaId": "4F290329-09CC-40C8-A928-CD66841B68D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rim:blackberry:7520:*:*:*:*:*:*:*",
              "matchCriteriaId": "E8485224-909C-440C-93BB-B059E89CBB87",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rim:blackberry:7730:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CD18A44-5A92-41DF-B67E-A4EF010BCE2F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rim:blackberry:7750:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD5FCD19-F244-4E53-A843-AF4D053C3680",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rim:blackberry:7780:*:*:*:*:*:*:*",
              "matchCriteriaId": "30142764-C686-432F-BFA4-F7D42C232CE3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rim:blackberry:8700c:*:*:*:*:*:*:*",
              "matchCriteriaId": "24DC35A6-D335-4968-81AD-5A4FE982F550",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rim:blackberry:8700f:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D7A8585-EE80-46F4-95A6-229A0A34D3BB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rim:blackberry:8700r:*:*:*:*:*:*:*",
              "matchCriteriaId": "1EC877CE-41BC-49CF-9381-209EA4222AEE",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Research in Motion (RIM) BlackBerry Handheld web browser for BlackBerry Handheld before 4.0.2 allows remote attackers to cause a denial of service (hang) via a Java Application Description (JAD) file with a long application name and vendor string, which prevents a browser dialog from being properly dismissed."
    }
  ],
  "id": "CVE-2005-2343",
  "lastModified": "2025-04-03T01:03:51.193",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "HIGH",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 2.6,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:H/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 4.9,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2005-12-31T05:00:00.000",
  "references": [
    {
      "source": "cret@cert.org",
      "url": "http://securitytracker.com/id?1015428"
    },
    {
      "source": "cret@cert.org",
      "url": "http://www.blackberry.com/knowledgecenterpublic/livelink.exe/fetch/2000/8021/7925/8142/?nodeid=1167791"
    },
    {
      "source": "cret@cert.org",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/829400"
    },
    {
      "source": "cret@cert.org",
      "url": "http://www.securityfocus.com/bid/16099"
    },
    {
      "source": "cret@cert.org",
      "url": "http://www.vupen.com/english/advisories/2006/0011"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1015428"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.blackberry.com/knowledgecenterpublic/livelink.exe/fetch/2000/8021/7925/8142/?nodeid=1167791"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/829400"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/16099"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2006/0011"
    }
  ],
  "sourceIdentifier": "cret@cert.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.