N/A

The SmartPoster implementation on the Nokia 6131 Near Field Communication (NFC) phone with 05.12 firmware does not properly display the URI record when the Title record contains a certain combination of space, CR (aka \r), and . (dot) characters, which allows remote attackers to trick a user into loading an arbitrary URI via a crafted NDEF tag, as demonstrated by (1) an http: URI for a malicious web site, (2) a tel: URI for a premium-rate telephone number, and (3) an sms: URI that triggers purchase of a ringtone.

N/A

N/A

Nokia 6131手机多个欺骗及拒绝服务漏洞

Nokia 6131是一款常用的手机，运行的操作系统为Symbian 40。 Nokia 6131手机中负责解析和显示NDEF Smart Poster内容和纯URI标签的代码存在安全漏洞。NDEF Smart Poster与描述文本同时显示URI，在显示时将描述文本与URI连接到一起，如果描述文本已经用尽了可用空间的话就不会显示URI；此外描述文本中也可能包含有类似于URI的文本，因此用户可能受骗打开或激活非预期的URI。 如果记录负载长度字段包含有0xFFFFFFFF或0xFFFFFFFE的话，Nok

N/A

N/A