In association with heise online

27 July 2009, 14:34

Palm WebOS update fixes Pre Vulnerabilities

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

Palm has release a security update for the webOS operating system for the Palm Pre. It should stop the system from crashing when a user clicks on over long URLs; greater than 4063 characters. It may be possible to exploit this flaw by creating a crafted URL that could inject code into the device. Links may be distributed through some email, AIM, SMS and other channels on the device.

The cause of the problem is not precisely identified, but is related to errors in the LunaSysMgr process. The error was found in webOS 1.0.3 and fixed in version 1.0.4. Palm also found a vulnerability with the handling of email attachments and resolved an issue with the application signature handling. Palm recommends users update to version 1.1.0, which includes all the fixes.

See also:

(djwm)

Print Version | Send by email | Permalink: http://h-online.com/-742661
 


  • July's Community Calendar





The H Open

The H Security

The H Developer

The H Internet Toolkit