CVE-2009-5098

Name of the Vulnerable Software and Affected Versions Palm Pre WebOS versions 1.1 and earlier

Description The issue allows remote attackers to cause a denial of service, resulting in a crash, by exploiting a weakness in the LunaSysMgr process. This occurs when a web page containing a long string following a refresh tag is accessed, triggering a floating point exception. The estimated number of potentially affected devices worldwide is not specified.

Recommendations For Palm Pre WebOS versions 1.1 and earlier, consider avoiding the use of web pages with long strings following refresh tags until a fix is available. As a temporary workaround, users may want to view web pages in landscape mode to potentially mitigate the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.