This application requires Javascript for optimal performance.

RAZR/Jpg!exploit.ZDI08033 - Released May 30, 2008 - Last Updated Jun 11, 2008

Detection Availability

Active DatabaseExtended Database
FortiGate
low
high
FortiClient
FortiMail N/A

Visible Symptoms

The System may slow down or hang up upon receiving a MMS message carrying a malicious, specifically crafted JPEG image.

Detailed Analysis


The "Motorola RAZR", a mobile device running a proprietary Operating System, is vulnerable to a stack overflow condition. The issue is located in the JPEG thumbprint component of the EXIF parser.

Remote attackers may leverage the vulnerability to execute code on the targeted device, by sending an MMS message carrying specifically crafted JPEG images. Upon success, this would effectively lead to total compromise of the targeted system.

Reference: ZDI-08-033

Recommended Action

    FortiGate Systems

  • Check the main screen using the web interface for your FortiGate unit to ensure that the latest AV/NIDS database has been downloaded and installed on your system - if required, enable the "Allow Push Update" option.

    FortiClient Systems

  • Quarantine/delete files that are detected and replace infected files with clean backup copies.

Reference: ID - 485073