34 matches found
EUVD-2004-1591
Malware in sbrugna...
EUVD-2010-2607
Malware in sbrugna...
EUVD-2005-2343
Malware in sbrugna...
EUVD-2007-1435
Malware in sbrugna...
RIM BlackBerry PlayBook information leakage
Local HTML file can send any data outside...
Adobe Flash Player CVE-2012-1535 Remote Code Execution Vulnerability
Description Adobe Flash Player is prone to an unspecified remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely result in denial-of-service conditions. Adob...
Q&A: Adrian Stone of the BlackBerry Security Team
LAS VEGAS–Here’s something that you might not know about RIM: it has a rather large security response and research team. The maker of the BlackBerry phones–once the must-have fashion accessory for executives and Barack Obama–historically has been almost silent on the way that it handles product...
Sybase Unwired Platform本地安全绕过漏洞
Bugtraq ID: 49114 Sybase Unwired Platform是一款移动企业应用程序平台,可支持快捷地开发移动应用程序,以使企业用户能够利用多种移动设备安全地访问广泛的业务数据。 RIM黑莓设备平台上的Sybase Unwired Platform包含一个安全漏洞,其设备数据库在某些条件下没有正确加密。恶意物理能访问的用户可绕过某些安全限制。 Sybase Unwired Platform 2.0 Sybase Unwired Platform 1.5.5 Sybase Unwired Platform 1.5.3 Sybase Unwired Platform...
CVE-2011-1290
Integer overflow in WebKit, as used on the Research In Motion RIM BlackBerry Torch 9800 with firmware 6.0.0.246, in Google Chrome before 10.0.648.133, and in Apple Safari before 5.0.5, allows remote attackers to execute arbitrary code via unknown vectors related to CSS "style handling," nodesets,...
Integer overflow
Integer overflow in WebKit, as used on the Research In Motion RIM BlackBerry Torch 9800 with firmware 6.0.0.246, in Google Chrome before 10.0.648.133, and in Apple Safari before 5.0.5, allows remote attackers to execute arbitrary code via unknown vectors related to CSS "style handling," nodesets,...
CVE-2011-1290
Removed by vendor...
CVE-2011-1416
The Research In Motion RIM BlackBerry Torch 9800 with firmware 6.0.0.246 allows attackers to read the contents of memory locations via unknown vectors, as demonstrated by Vincenzo Iozzo, Willem Pinckaers, and Ralf-Philipp Weinmann during a Pwn2Own competition at CanSecWest 2011...
Novell ZENworks Handheld Management ZfHIPCND.exe Buffer Overflow (CVE-2010-4299)
Novell ZENworks Handheld Management is part of the Novell ZENworks suite that allows administrators to remotely update, configure, and inventory handheld devices such as Palm, Windows CE, PocketPC, and RIM BlackBerry. A buffer overflow vulnerability has been reported in Novell ZENworks Handheld...
CVE-2010-2603
The CVE-2010-2603 entry affects BlackBerry Desktop Software (Windows PC 4.7–6.0; Mac 1.0). The vulnerability arises from using a weak password to encrypt the database backup file, enabling local users to brute-force decrypt the backup. OpenVAS/Nessus records corroborate an information-disclosure/...
Design/Logic Flaw
The browser in Research In Motion RIM BlackBerry Device Software 5.0.0.593 Platform 5.1.0.147 on the BlackBerry 9700 does not properly restrict cross-domain execution of JavaScript, which allows remote attackers to bypass the Same Origin Policy via vectors related to a window.open call and an...
CVE-2010-3741
The offline backup mechanism in Research In Motion RIM BlackBerry Desktop Software uses single-iteration PBKDF2, which makes it easier for local users to decrypt a .ipd file via a brute-force attack...
RIM BlackBerry Enterprise Server Router Component Denial of Service (CVE-2005-2342)
The Research In Motion RIM BlackBerry Enterprise Server is a component that integrates with an enterprise email server in order to extend its functionality. BlackBerry Enterprise Server integrates with messaging platforms such as the Microsoft Exchange Server and other corporate application serve...
CVE-2009-4778
Multiple unspecified vulnerabilities in the PDF distiller in the Attachment Service component in Research In Motion RIM BlackBerry Enterprise Server BES software 4.1.3 through 4.1.7 and 5.0.0, and BlackBerry Professional Software 4.1.4, allow user-assisted remote attackers to cause a denial of...
Design/Logic Flaw
The Blackberry Browser in RIM BlackBerry Device Software 4.5.0 before 4.5.0.173, 4.6.0 before 4.6.0.303, 4.6.1 before 4.6.1.309, 4.7.0 before 4.7.0.179, and 4.7.1 before 4.7.1.57 does not properly handle "hidden" characters including a '\0' character in a domain name in the subject's Common Name ...
CVE-2009-3477
CVE-2009-3477 affects the BlackBerry Browser in BlackBerry Device Software 4.5.x to 4.7.x, where the CN in X.509 certificates can include a hidden '\0' character, allowing remote MITM attackers to spoof SSL servers with a certificate from a trusted CA. The issue stems from improper handling of hi...