Denial of service in the BlackBerry browser
A vulnerability has been detected in the browser in BlackBerry devices, which could allow remote attackers to cause denial of service conditions. BlackBerry has released the update to resolve the vulnerability.
The problem arises because the browser dialog box is not properly dismissed. A remote attacker could create a specially-crafted JAD (Java Application Description) file that causes the application to block when it is loaded in the browser. In order to successfully exploit this vulnerability, the JAD file created by the attacker must contain a long application name and vendor string.
BlackBerry has released version 4.0.2 of the software that fixes this
vulnerability. More information is available at BlackBerry homepage.