Microsoft Windows Phone Messages Processing Denial of Service Vulnerability

Bugtraq ID:	51179
Class:	Unknown
CVE:
Remote:	Yes
Local:	No
Published:	Dec 23 2011 12:00AM
Updated:	Dec 23 2011 12:00AM
Credit:	Khaled Salameh
Vulnerable:	Microsoft Windows Phone 7.5
Not Vulnerable:

Microsoft Windows Phone Messages Processing Denial of Service Vulnerability

Microsoft Windows Phone is prone to a denial-of-service vulnerability.

An attacker can exploit this issue to disable the messaging functionality and reboot the affected device.

Windows Phone 7.5 is vulnerable; other versions may also be affected.

Microsoft Windows Phone Messages Processing Denial of Service Vulnerability

The researcher who discovered the issue has created an exploit for demonstration, however the exploit code is not publicly available. Please see the references for more information.

Microsoft Windows Phone Messages Processing Denial of Service Vulnerability

Solution:
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].

Microsoft Windows Phone Messages Processing Denial of Service Vulnerability

References:

• Windows Mobile Homepage (Microsoft)
  
• Windows Phone 7.5 SMS Crash (Windows )
  
• Windows Phone SMS attack discovered, reboots device and disables messaging hub (Windows)