MA-176.072009: MyCERT Alert - 0day in Symbian S60 (Nokia) Firmware Media Codecs - Multiple Memory Corruption Vulnerabilities

1.0 Introduction

A critical vulnerability has been identified in the Symbian S60 (Nokia) firmware media codecs used by RealPlayer and the MMS viewer on Nokia's Symbian/S60-based smartphones. An attacker could leverage these bugs to gain control of the program and execute arbitrary code on a target smartphone. The bugs can be triggered directly inside the MMS viewer of the target by sending an MMS with an embedded video file.

2.0 Impact

By exploiting this vulnerability, an attacker could execute arbitrary code on vulnerable Nokia Symbian/S60-based smartphones and gain the same privileges as the user. The attack can be launched locally or remotely by abusing the RealPlayer and MMS viewer components.

3.0 Affected Products

All Nokia / Symbian S60 smartphones with RealPlayer are likely vulnerable. Testing and debugging were performed by SEC Consult, which confirmed that the Nokia N96 smartphone with firmware version 11.018 is vulnerable. The resulting files were also sent to a Nokia E61i and a Nokia E71 and crashed either the MMS application or the operating system.

4.0 Recommendation

Because this is a 0day exploit, Nokia has not yet released any patches to address this vulnerability. Users are advised not to open or view suspicious MMS messages or video files.

To prevent the autoview mode in a newly received MMS:

- Press 'Exit' on the SMS/MMS notification menu
- Press 'Menu' button and choose 'Message'
- Manually go to Inbox
- Select the suspicious MMS
- Select 'Option' menu
- Choose 'Delete' to remove the MMS without opening it

Generally, MyCERT advises users of this product to keep up to date with the latest security announcements from the vendor. Users who receive suspicious video files or MMS messages can forward them to MyCERT for further analysis.

MyCERT can be reached at:

E-mail : cyber999@cybersecurity.my or mycert@mycert.org.my
Phone : +603 89926969 or 1-300-88-2999 (monitored during business hours)
Fax : +603 89453442
Handphone : +60 19 2665850 (24x7 call incident reporting)
SMS : +60 19 2813801 (24x7 SMS reporting)
Business Hours : Mon - Fri 08:30 - 17:30 MYT
Web: http://www.mycert.org.my