漏洞起因
边界条件错误
危险等级
低
影响系统
Research In Motion Blackberry Torch 9800 0
Research In Motion Blackberry Pearl 8100 0
Research In Motion Blackberry Curve 8300 0
Research In Motion Blackberry Browser 0
Research In Motion Blackberry 9700 5.0.0.593
Research In Motion Blackberry 8800 4.2
Research In Motion Blackberry 8800 4.1
Research In Motion Blackberry 8800 0
Research In Motion Blackberry 8720 4.2
Research In Motion Blackberry 8720 4.1
Research In Motion Blackberry 8700r
Research In Motion Blackberry 8700f
Research In Motion Blackberry 8700c
Research In Motion Blackberry 8320 4.2
Research In Motion Blackberry 8320 4.1
Research In Motion Blackberry 7780
Research In Motion Blackberry 7750
Research In Motion Blackberry 7730
Research In Motion Blackberry 7520
Research In Motion Blackberry 7290
Research In Motion Blackberry 7280
Research In Motion BlackBerry 7270 0
Research In Motion Blackberry 7250
Research In Motion Blackberry 7230 4.0
Research In Motion Blackberry 7230 3.8
Research In Motion Blackberry 7230 3.7.1 .41
Research In Motion Blackberry 7130e
Research In Motion Blackberry 7105t
Research In Motion Blackberry 7100x
Research In Motion Blackberry 7100v
Research In Motion Blackberry 7100t
Research In Motion Blackberry 7100r
Research In Motion Blackberry 7100i
Research In Motion Blackberry 7100g
Research In Motion BlackBerry 9700
Research In Motion BlackBerry 9650
Research In Motion BlackBerry 8530
Research In Motion BlackBerry 8520
Research In Motion BlackBerry 8330
不受影响系统
危害
远程攻击者可以利用漏洞以应用程序安全上下文执行任意代码。
攻击所需条件
攻击者必须构建恶意WEB页,诱使用户解析。
漏洞信息
Blackberry Browser是一款用于黑莓手机上的WEB浏览器。
Blackberry Browser存在未明安全漏洞,允许导致敏感信息泄露或触发整数溢出而以应用程序上下文执行任意代码。
这些问题成功的在CanSecWest’s 2011 Pwn2Own黑客挑战赛上利用。
测试方法
厂商解决方案
目前没有详细解决方案提供:
http://www.rim.net/
漏洞提供者
Willem Pinckaers, Vincenzo Iozzo and Ralf-Philipp Weinmann
0 条评论。