Nokia Mini Map Browser (array sort) Silent Crash Vulnerability

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : Nokia Mini Map Browser (array sort) Silent Crash Vulnerability
# Published : 2008-10-10
# Author : ikki
# Previous Title : NoticeWare E-mail Server 5.1.2.2 (POP3) Pre-Auth DoS Exploit
# Next Title : MS Windows GDI+ Proof of Concept (MS08-052) #2

==================================================== 
Security Research Advisory

Vulnerability name: Nokia Browser Array Sort Denial Of Service Vulnerability
Advisory number: LC-2008-04
Advisory URL: http://www.ikkisoft.com

==================================================== 
1) Affected Software 

* Nokia Mini Map Browser (S60WebKit <= 21772) 

The tested device has the following User-Agent: 
Mozilla/5.0 (SymbianOS/9.2;U;Series60/3.1 NokiaE90-1/210.34.75 
Profile/MIDP-2.0 Configuration/CLDC-1.1) AppleWebKit/413 (KHTML) 
Safari/413

Note: Although the Nokia Web Browser is built upon a port of the 
open source WebKit used by Apple for its browser, the iPhone is not 
affected (at least the iPhone firmware version 2.0.2(5C1))

====================================================
2) Severity 

Severity: Low
Local/Remote: Remote

==================================================== 
3) Summary

The Web Browser for S60 (formally called Nokia Mini Map Browser) is a web 
browser for the S60 mobile phone platform developed by Nokia. 
It is built upon S60WebKit, a port of the open source WebKit project to the S60
platform. According to several sources, the S60 software on Symbian OS is the 
worlda