In an advisory posted Wednesday to a Syracuse University computer-science Web site, researchers said they had found vulnerabilities in Sharp"s Zaurus SL-5500 and Zaurus SL-5000D handhelds. The flaws let attackers take control of the device"s file system, giving them the power to overwrite files or lock the device so no data can be input through the keypad or touch screen.
The biggest potential threat, though, exists when the device is wirelessly connected to a company"s network, where sensitive data might be stored. The flaws would enable attackers to download and upload files.
These vulnerabilities mean that the Zaurus can be used as a launching point to attack the network," said K. Reid Wightman, one of the researchers who worked on the advisory.