Researchers from security firm SecTheory have described a handful of flaws in webOS, saying that the platform — by its very nature — is more prone to these sorts of things than its major competitors because Palm puts web technologies like JavaScript closer to webOS’ core where system functions are readily accessible. At least one of the flaws, involving a data field in the Contacts app that can be exploited to run arbitrary code, has already been fixed in webOS 2.0 — but the others are apparently still open, including a cross-site scripting problem, some sort of floating-point overflow issue, and a denial-of-service vector. We imagine Palm will get these all patched up sooner or later, but as SecTheory’s guys point out, how long is it until mobile malware becomes a PC-sized problem?

Security experts unearth unpleasant flaws in webOS originally appeared on Engadget on Fri, 26 Nov 2010 01:18:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments

Original post by Chris Ziegler

Related posts:

1. Jailbreakers unearth hidden panorama mode in iOS 5 camera app Somewhere deep within the bowels of iOS 5 lurks a...
2. Verizon Palm Pre 2 gets its webOS 2.1 wings Good news for Palm Pre 2 owners of the Big...
3. Cellphones are dangerous / not dangerous: cancer experts say ‘What, me worry?’ If you haven’t already gotten whiplash from the ongoing cellphone-cancer...
4. webOS gets OTA update, delivers performance improvements and bug fixes With so many of us performing funeral dirges in honor...
5. webOS brick-and-mortar stores close forever, may they rest in peace It’s with broken heart that we announce that the doors...

Related posts brought to you by Yet Another Related Posts Plugin.