SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c02516786
Version: 1
HPSBMI02580 SSRT100254 rev.1 - Palm webOS, Code execution vulnerability in Palm webOS service API
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2010-10-26
Last Updated: 2010-10-26
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c02498311
Version: 1
HPSBMI02573 SSRT100227 rev.1 - Palm webOS, webOS Doc Viewer, Execution of Arbitrary Code
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2010-10-26
Last Updated: 2010-10-26
Palm Pre WebOS versions <=1.1 are vulnerable to a JavaScript injection attack that allows an attacker to access any file on the mobile device.
Palm has patched this vulnerability, and all users are advised to upgrade to WebOS version 1.2+.
Palm WebOS 1.2 patch information can be found here: http://kb.palm.com/wps/portal/kb/na/pre/p100eww/sprint/solutions/article/50607_en.html#12
II. Impact
When a user simply views a specially crafted email on a Palm Pre running WebOS version <=1.1, the email can access any file on the mobile device and send it to a web site of the attacker's choice.
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c02518539
Version: 1
HPSBMI02582 SSRT100269 rev.1 - Palm webOS Camera Application, Unauthorized Write Access
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2010-10-26
Last Updated: 2010-10-26
I. Description
Palm Pre WebOS version 1.0.4 and below allows a remote attacker to execute arbitrary HTML code on the phone via certain applications. The affected applications are the native email client (via the notifications system) and the native calendar application.
The vendor has been contacted and a patch has been released:
WebOS 1.1 - http://kb.palm.com/wps/portal/kb/na/pre/p100eww/sprint/solutions/article/50607_en.html#11
II. Impact
I. Description
Palm Pre WebOS version <= 1.1 is affected by a floating point exception vulnerability that is triggered when attempting to view a specially crafted web page. This vulnerability has been addressed in the latest patch from Palm, and all users are advised to update to WebOS version 1.2+.
II. Impact
If a user views a malicious web page that contains specially crafted data, a floating point exception crashes the "LunaSysMgr" process. The device is then forced to restart the process, which simulates a reboot of the system. At the time of the discovery, the greatest risk to the system was a denial of service condition.
The crash does not occur when viewing the malicious web page while in landscape mode.
- Credits
The vulnerability was discovered by Michael Mueller from Integralis
michael#dot#mueller#at#integralis#dot#com
Inspired by the Palm WebOS SMS Hack by intrepidusgroup
- Timeline
22.04.2010 - Vulnerabilities discovered
22.04.2010 - Public release