ID
VAR-201203-0466
TITLE
Blackberry WebKit Browser Engine Remote Code Execution Vulnerability
Trust: 0.9
DESCRIPTION
The BlackBerry PlayBook Tablet is a tablet from BlackBerry. BlackBerry smartphones are smart phone devices from BlackBerry. The open source webkit browser engine used by BlackBerry 6, BlackBerry 7, BlackBerry 7.1 and BlackBerry PlayBook tablet has security vulnerabilities. Attackers can build malicious web pages to entice users to access arbitrary code. For BlackBerry phone devices, an attacker can read and write data from a BlackBerry phone memory card, but not some user data stored in the application, such as email, calendar, and contacts. On the BlackBerry PlayBook tablet, an attacker can execute arbitrary code in context on the browser. An attacker can exploit this issue by tricking an unsuspecting victim into viewing a webpage containing malicious content
Trust: 0.81
IOT TAXONOMY
| category: | ['Network device'] | sub_category: | - | Trust: 0.6 |
AFFECTED PRODUCTS
| vendor: | research | model: | in motion blackberry device software | scope: | eq | version: | 6.0 | Trust: 0.9 |
| vendor: | research | model: | in motion blackberry device software | scope: | eq | version: | 7.1 | Trust: 0.9 |
| vendor: | research | model: | in motion blackberry device software | scope: | eq | version: | 7 | Trust: 0.9 |
| vendor: | research | model: | in motion blackberry playbook tablet software | scope: | eq | version: | 1.0.5.2304 | Trust: 0.9 |
| vendor: | research | model: | in motion blackberry playbook tablet software | scope: | eq | version: | 1.0.5.2342 | Trust: 0.9 |
| vendor: | research | model: | in motion blackberry playbook tablet software | scope: | eq | version: | 1.0.6 | Trust: 0.9 |
| vendor: | research | model: | in motion blackberry playbook tablet software | scope: | eq | version: | 1.0.7.2942 | Trust: 0.9 |
| vendor: | research | model: | in motion blackberry playbook tablet software | scope: | eq | version: | 1.0.7.3312 | Trust: 0.9 |
| vendor: | research | model: | in motion blackberry playbook tablet software | scope: | eq | version: | 2.0.0.7971 | Trust: 0.9 |
| vendor: | research | model: | in motion blackberry playbook tablet software | scope: | eq | version: | 1.0.8.6067 | Trust: 0.9 |
| vendor: | research | model: | in motion blackberry playbook tablet software | scope: | eq | version: | 1.0.8.4985 | Trust: 0.9 |
THREAT TYPE
remote
Trust: 0.6
TYPE
Design Error
Trust: 0.3
PATCH
| title: | Blackberry WebKit Browser Engine Remote Code Execution Vulnerability Patch | url: | https://www.cnvd.org.cn/patchinfo/show/12151 | Trust: 0.6 |
EXTERNAL IDS
| db: | BID | id: | 52288 | Trust: 1.5 |
| db: | CNVD | id: | CNVD-2012-1049 | Trust: 0.6 |
| db: | CNNVD | id: | CNNVD-201203-061 | Trust: 0.6 |
REFERENCES
| url: | http://btsc.webapps.blackberry.com/btsc/microsites/microsite.do?cmd=displaykc | Trust: 0.6 |
| url: | http://www.securityfocus.com/bid/52288 | Trust: 0.6 |
| url: | http://btsc.webapps.blackberry.com/btsc/microsites/microsite.do?cmd=displaykc&doctype=kc&externalid=kb30152&sliceid=1&doctypeid=dt_security_1_1 | Trust: 0.3 |
| url: | http://www.rim.net/ | Trust: 0.3 |
CREDITS
This issue is disclosed in RSA Security Conference.
Trust: 0.9
SOURCES
| db: | CNVD | id: | CNVD-2012-1049 |
| db: | BID | id: | 52288 |
| db: | CNNVD | id: | CNNVD-201203-061 |
LAST UPDATE DATE
2022-05-17T01:37:43.824000+00:00
SOURCES UPDATE DATE
| db: | CNVD | id: | CNVD-2012-1049 | date: | 2012-03-07T00:00:00 |
| db: | BID | id: | 52288 | date: | 2012-03-05T00:00:00 |
| db: | CNNVD | id: | CNNVD-201203-061 | date: | 2012-03-07T00:00:00 |
SOURCES RELEASE DATE
| db: | CNVD | id: | CNVD-2012-1049 | date: | 2012-03-07T00:00:00 |
| db: | BID | id: | 52288 | date: | 2012-03-05T00:00:00 |
| db: | CNNVD | id: | CNNVD-201203-061 | date: | 2012-03-07T00:00:00 |