scoutt
08-26-2008, 07:19 PM
(August 21 & 22)
Nokia has acknowledged the existence of two vulnerabilities in its
Series 40 handsets. The flaws lie in Sun Microsystems' mobile version
of Java (J2ME) and were brought to the attention of Sun and Nokia by
Adam Gowdiak, who provided each company with a brief overview and
offered detailed reports on the vulnerabilities for US $20,000. Neither
company has confirmed that they have paid Gowdiak, but Sun has announced
that it will be releasing patches for the flaws soon, and Nokia is
looking into measures to prevent their exploitation. One of the flaws
could allow remote access to restricted phone functions; the other could
be exploited to surreptitiously install or run applications on the
devices.http://www.zdnet.co.uk/misc/print/0,1000000169,39464526-39001093c,00.htm
http://www.techworld.com/news/index.cfm?newsID=103368&printerfriendly=1
Nokia has acknowledged the existence of two vulnerabilities in its
Series 40 handsets. The flaws lie in Sun Microsystems' mobile version
of Java (J2ME) and were brought to the attention of Sun and Nokia by
Adam Gowdiak, who provided each company with a brief overview and
offered detailed reports on the vulnerabilities for US $20,000. Neither
company has confirmed that they have paid Gowdiak, but Sun has announced
that it will be releasing patches for the flaws soon, and Nokia is
looking into measures to prevent their exploitation. One of the flaws
could allow remote access to restricted phone functions; the other could
be exploited to surreptitiously install or run applications on the
devices.http://www.zdnet.co.uk/misc/print/0,1000000169,39464526-39001093c,00.htm
http://www.techworld.com/news/index.cfm?newsID=103368&printerfriendly=1