AI Score: 7.8 High (Confidence: Low)
CVSS2: 10 High (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE
EPSS: 0.366 Low (Percentile: 97.0%)

Integer overflow in WebKit, as used on the Research In Motion (RIM) BlackBerry Torch 9800 with firmware 6.0.0.246, in Google Chrome before 10.0.648.133, and in Apple Safari before 5.0.5, allows remote attackers to execute arbitrary code via unknown vectors related to CSS “style handling,” nodesets, and a length value, as demonstrated by Vincenzo Iozzo, Willem Pinckaers, and Ralf-Philipp Weinmann during a Pwn2Own competition at CanSecWest 2011.

CPE

Name | Operator | Version |
---|---|---|
blackberry_torch_9800_firmware | eq | 6.0.0.246 |

dvlabs.tippingpoint.com/blog/2011/02/02/pwn2own-2011
lists.apple.com/archives/security-announce/2011//Apr/msg00000.html
lists.apple.com/archives/security-announce/2011//Apr/msg00001.html
lists.apple.com/archives/security-announce/2011//Apr/msg00002.html
osvdb.org/71182
secunia.com/advisories/43735
secunia.com/advisories/43748
secunia.com/advisories/43782
secunia.com/advisories/44151
secunia.com/advisories/44154
support.apple.com/kb/HT4596
support.apple.com/kb/HT4607
www.blackberry.com/btsc/KB26132
www.debian.org/security/2011/dsa-2192
www.securityfocus.com/archive/1/517513/100/0/threaded
www.securityfocus.com/bid/46849
www.securitytracker.com/id?1025212
www.vupen.com/english/advisories/2011/0645
www.vupen.com/english/advisories/2011/0654
www.vupen.com/english/advisories/2011/0671
www.vupen.com/english/advisories/2011/0984
www.zerodayinitiative.com/advisories/ZDI-11-104
exchange.xforce.ibmcloud.com/vulnerabilities/66052
googlechromereleases.blogspot.com/2011/03/stable-and-beta-channel-updates.html
www.zdnet.com/blog/security/pwn2own-2011-blackberry-falls-to-webkit-browser-attack/8401