Denial-of-service flaw found in BlackBerry phones

A flaw that could cause denial-of-service attacks on RIM Blackberry phones has been discovered.

Security firm Secunia has posted a warning about a vulnerability in the smart phones "which can be exploited by malicious people to cause the device to reboot" on its website.

The flaw stems from the phones inability to cope with meeting requests with a location field over a certain length - 128KB. Any request larger than that will cause the phone to reboot but no data will be lost.

Phones running the RIM software version 3.7 Service Pack 1, and possibly older versions, are vulnerable but RIM has fixed the flaw in later versions.

The flaw has been rated as "not critical" by Secunia, and RIM has said it has had no reports of users being affected by the flaw.

The security company that originally identified the vulnerability, HexView, claimed that the flaw could be used to execute malicious code on BlackBerry phones but according to RIM, it's not possible.

Viruses designed to infect mobiles have yet to make it big in the wild. What was initially thought to be an outbreak of the so-called Mosquito virus turned out to be a copy-protection feature that went wrong.

The first 'real' virus, Cabir, was developed as a proof-of-concept for malware on mobiles but despite reports of the worm making it into the wild, the virus never managed large scale infection.

Since then, some handset markers, including Nokia, have introduced new security features to their phones.