My name is Nishant Das Patnaik, an independent security researcher from India. I have discovered multiple vulnerabilities in the Web Browser of the high end smartphones manufactured by Nokia running Symbian OS 3rd Edition. The detailed vulnerability disclosures along with tested PoCs have been documented separately, see below:
========================
Proof-of-Concept 0x01:
========================
# Title: Nokia Symbian S60v3 WebBrowser Remote DoS PoC
# Author: Nishant Das Patnaik
# Date: 08/02/2010
# Software Link: N/A
# Version: Symbian S60 3rd Edition
# Tested on: Nokia N95, Nokia N95 8GB, Nokia N73, Nokia E63
# Impact: Attacker may exploit this flaw to make crash the browser of the victim or exhaust memory available to the browser.
# Code:
Nokia Symbian S60v3 WebBrowser Remote DoS PoC
(C) Nishant Das Patnaik
========================
Proof-of-Concept 0x02:
========================
# Title: Nokia Symbian S60v3 WebBrowser Malformed VML DoS
# Author: Nishant Das Patnaik
# Date: 08/02/2010
# Software Link: N/A
# Version: Symbian S60 3rd Edition
# Tested on: Nokia N95, Nokia N95 8GB, Nokia N73, Nokia E63
# Impact: Attacker may exploit this flaw to make crash the browser of the victim or exhaust memory available to the browser.
# Code:
========================
Proof-of-Concept 0x03:
========================
# Title: Nokia Symbian S60v3 WebBrowser Remote DoS
# Author: Nishant Das Patnaik
# Date: 08/02/2010
# Software Link: N/A
# Version: Symbian S60 3rd Edition
# Tested on: Nokia N95, Nokia N95 8GB, Nokia N73, Nokia E63
# Impact: Attacker may exploit this flaw to make crash the browser of the victim or exhaust memory available to the browser.
# Code:
Nokia Symbian S60v3 WebBrowser Remote DoS
(C) Nishant Das Patnaik
========================
Proof-of-Concept 0x04:
========================
# Title: Nokia Symbian S60v3 WebBrowser Remote "throw" DoS
# Author: Nishant Das Patnaik
# Date: 08/02/2010
# Software Link: N/A
# Version: Symbian S60 3rd Edition
# Tested on: Nokia N95, Nokia N95 8GB, Nokia N73, Nokia E63
# Impact: Attacker may exploit this flaw to make crash the browser of the victim or exhaust memory available to the browser.
# Code:
Nokia Symbian S60v3 WebBrowser "throw exception" Remote Crash and Denial of Service
Nokia Symbian S60v3 WebBrowser Remote "throw" DoS
(C) Nishant Das Patnaik
========================
Proof-of-Concept 0x05:
========================
# Title: Nokia Symbian S60v3 WebBrowser "alink" Remote DoS
# Author: Nishant Das Patnaik
# Date: 08/02/2010
# Software Link: N/A
# Version: Symbian S60 3rd Edition
# Tested on: Nokia N95, Nokia N95 8GB, Nokia N73, Nokia E63
# Impact: Attacker may exploit this flaw to make crash the browser of the victim or exhaust memory available to the browser.
# Code:
Nokia Symbian S60v3 WebBrowser "alink" Remote DoS
(C) Nishant Das Patnaik
========================
Proof-of-Concept 0x06:
========================
# Title: Nokia Symbian S60v3 WebBrowser Bad Marquee Remote DoS
# Author: Nishant Das Patnaik
# Date: 08/02/2010
# Software Link: N/A
# Version: Symbian S60 3rd Edition
# Tested on: Nokia N95, Nokia N95 8GB, Nokia N73, Nokia E63
# Impact: Attacker may exploit this flaw to make crash the browser of the victim or exhaust memory available to the browser.
# Code:
Nokia Symbian S60v3 WebBrowser Bad Marquee Remote DoS