VAR-201203-0466
Vulnerability from variot - Updated: 2022-05-17 01:37The BlackBerry PlayBook Tablet is a tablet from BlackBerry. BlackBerry smartphones are smart phone devices from BlackBerry. The open source webkit browser engine used by BlackBerry 6, BlackBerry 7, BlackBerry 7.1 and BlackBerry PlayBook tablet has security vulnerabilities. Attackers can build malicious web pages to entice users to access arbitrary code. For BlackBerry phone devices, an attacker can read and write data from a BlackBerry phone memory card, but not some user data stored in the application, such as email, calendar, and contacts. On the BlackBerry PlayBook tablet, an attacker can execute arbitrary code in context on the browser. An attacker can exploit this issue by tricking an unsuspecting victim into viewing a webpage containing malicious content
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201203-0466",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "in motion blackberry device software",
"scope": "eq",
"trust": 0.9,
"vendor": "research",
"version": "6.0"
},
{
"model": "in motion blackberry device software",
"scope": "eq",
"trust": 0.9,
"vendor": "research",
"version": "7.1"
},
{
"model": "in motion blackberry device software",
"scope": "eq",
"trust": 0.9,
"vendor": "research",
"version": "7"
},
{
"model": "in motion blackberry playbook tablet software",
"scope": "eq",
"trust": 0.9,
"vendor": "research",
"version": "1.0.5.2304"
},
{
"model": "in motion blackberry playbook tablet software",
"scope": "eq",
"trust": 0.9,
"vendor": "research",
"version": "1.0.5.2342"
},
{
"model": "in motion blackberry playbook tablet software",
"scope": "eq",
"trust": 0.9,
"vendor": "research",
"version": "1.0.6"
},
{
"model": "in motion blackberry playbook tablet software",
"scope": "eq",
"trust": 0.9,
"vendor": "research",
"version": "1.0.7.2942"
},
{
"model": "in motion blackberry playbook tablet software",
"scope": "eq",
"trust": 0.9,
"vendor": "research",
"version": "1.0.7.3312"
},
{
"model": "in motion blackberry playbook tablet software",
"scope": "eq",
"trust": 0.9,
"vendor": "research",
"version": "2.0.0.7971"
},
{
"model": "in motion blackberry playbook tablet software",
"scope": "eq",
"trust": 0.9,
"vendor": "research",
"version": "1.0.8.6067"
},
{
"model": "in motion blackberry playbook tablet software",
"scope": "eq",
"trust": 0.9,
"vendor": "research",
"version": "1.0.8.4985"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-1049"
},
{
"db": "BID",
"id": "52288"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "This issue is disclosed in RSA Security Conference.",
"sources": [
{
"db": "BID",
"id": "52288"
},
{
"db": "CNNVD",
"id": "CNNVD-201203-061"
}
],
"trust": 0.9
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The BlackBerry PlayBook Tablet is a tablet from BlackBerry. BlackBerry smartphones are smart phone devices from BlackBerry. The open source webkit browser engine used by BlackBerry 6, BlackBerry 7, BlackBerry 7.1 and BlackBerry PlayBook tablet has security vulnerabilities. Attackers can build malicious web pages to entice users to access arbitrary code. For BlackBerry phone devices, an attacker can read and write data from a BlackBerry phone memory card, but not some user data stored in the application, such as email, calendar, and contacts. On the BlackBerry PlayBook tablet, an attacker can execute arbitrary code in context on the browser. \nAn attacker can exploit this issue by tricking an unsuspecting victim into viewing a webpage containing malicious content",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-1049"
},
{
"db": "BID",
"id": "52288"
}
],
"trust": 0.81
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "52288",
"trust": 1.5
},
{
"db": "CNVD",
"id": "CNVD-2012-1049",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201203-061",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-1049"
},
{
"db": "BID",
"id": "52288"
},
{
"db": "CNNVD",
"id": "CNNVD-201203-061"
}
]
},
"id": "VAR-201203-0466",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-1049"
}
],
"trust": 0.8120370349999999
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-1049"
}
]
},
"last_update_date": "2022-05-17T01:37:43.824000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Blackberry WebKit Browser Engine Remote Code Execution Vulnerability Patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/12151"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-1049"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 0.6,
"url": "http://btsc.webapps.blackberry.com/btsc/microsites/microsite.do?cmd=displaykc"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/bid/52288"
},
{
"trust": 0.3,
"url": "http://btsc.webapps.blackberry.com/btsc/microsites/microsite.do?cmd=displaykc\u0026doctype=kc\u0026externalid=kb30152\u0026sliceid=1\u0026doctypeid=dt_security_1_1"
},
{
"trust": 0.3,
"url": "http://www.rim.net/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-1049"
},
{
"db": "BID",
"id": "52288"
},
{
"db": "CNNVD",
"id": "CNNVD-201203-061"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2012-1049"
},
{
"db": "BID",
"id": "52288"
},
{
"db": "CNNVD",
"id": "CNNVD-201203-061"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-03-07T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-1049"
},
{
"date": "2012-03-05T00:00:00",
"db": "BID",
"id": "52288"
},
{
"date": "2012-03-07T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201203-061"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-03-07T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-1049"
},
{
"date": "2012-03-05T00:00:00",
"db": "BID",
"id": "52288"
},
{
"date": "2012-03-07T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201203-061"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201203-061"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Blackberry WebKit Browser Engine Remote Code Execution Vulnerability",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-1049"
},
{
"db": "BID",
"id": "52288"
}
],
"trust": 0.9
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Design Error",
"sources": [
{
"db": "BID",
"id": "52288"
}
],
"trust": 0.3
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…