Search criteria
9 vulnerabilities found for blackberry_device_software by rim
FKIE_CVE-2010-3934
Vulnerability from fkie_nvd - Published: 2010-10-14 19:00 - Updated: 2025-04-11 00:51
Severity ?
Summary
The browser in Research In Motion (RIM) BlackBerry Device Software 5.0.0.593 Platform 5.1.0.147 on the BlackBerry 9700 does not properly restrict cross-domain execution of JavaScript, which allows remote attackers to bypass the Same Origin Policy via vectors related to a window.open call and an IFRAME element. NOTE: some of these details are obtained from third party information.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| rim | blackberry_device_software | 5.0.0.593 | |
| rim | blackberry_9700 | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rim:blackberry_device_software:5.0.0.593:*:*:*:*:*:*:*",
"matchCriteriaId": "C8A94C3C-9E3F-40AB-B1B0-F802E61A7314",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:rim:blackberry_9700:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EE6874B4-A2FF-4C07-A311-6BF93B9990DE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The browser in Research In Motion (RIM) BlackBerry Device Software 5.0.0.593 Platform 5.1.0.147 on the BlackBerry 9700 does not properly restrict cross-domain execution of JavaScript, which allows remote attackers to bypass the Same Origin Policy via vectors related to a window.open call and an IFRAME element. NOTE: some of these details are obtained from third party information."
},
{
"lang": "es",
"value": "El navegador en Research In Motion (RIM) BlackBerry Device Software v5.0.0.593 Platform v5.1.0.147 en la BlackBerry 9700 no restringe correctamente la ejecuci\u00f3n de dominio cruzado de JavaScript, lo cual permite a los atacantes remotos evitar la \"Same Origin Policy\" a trav\u00e9s de vectores relacionados con una llamada a window.open y un elemento IFRAME. NOTA: algunos de estos detalles han sido obtenidos a partir de terceros."
}
],
"id": "CVE-2010-3934",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2010-10-14T19:00:02.197",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://packetstormsecurity.org/1009-exploits/blackberry-crossorigin.txt"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/41536"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1024506"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://packetstormsecurity.org/1009-exploits/blackberry-crossorigin.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/41536"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1024506"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2009-3477
Vulnerability from fkie_nvd - Published: 2009-09-29 23:30 - Updated: 2025-04-09 00:30
Severity ?
Summary
The Blackberry Browser in RIM BlackBerry Device Software 4.5.0 before 4.5.0.173, 4.6.0 before 4.6.0.303, 4.6.1 before 4.6.1.309, 4.7.0 before 4.7.0.179, and 4.7.1 before 4.7.1.57 does not properly handle "hidden" characters including a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows remote man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| rim | blackberry_device_software | 4.5.0 | |
| rim | blackberry_device_software | 4.6 | |
| rim | blackberry_device_software | 4.6.1 | |
| rim | blackberry_device_software | 4.7 | |
| rim | blackberry_device_software | 4.7.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rim:blackberry_device_software:4.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EA413B7D-D802-4E3C-A7B6-336A18725F22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rim:blackberry_device_software:4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "9AA30719-43F4-4E82-BAAE-3BE053AB500A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rim:blackberry_device_software:4.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "01B0686F-CEE0-49DB-8393-C1100E13AD75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rim:blackberry_device_software:4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "E36C6DD2-3695-4D65-B4F5-ADA6C3E69AA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rim:blackberry_device_software:4.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "59C49F10-787E-4AFB-8830-E6C3645BD2E7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Blackberry Browser in RIM BlackBerry Device Software 4.5.0 before 4.5.0.173, 4.6.0 before 4.6.0.303, 4.6.1 before 4.6.1.309, 4.7.0 before 4.7.0.179, and 4.7.1 before 4.7.1.57 does not properly handle \"hidden\" characters including a \u0027\\0\u0027 character in a domain name in the subject\u0027s Common Name (CN) field of an X.509 certificate, which allows remote man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408."
},
{
"lang": "es",
"value": "El Navegador de Blackberry en RIM BlackBerry Device Software v4.5.0 anterior a v4.5.0.173, 4.6.0 anterior a v4.6.0.303, 4.6.1 anterior a v4.6.1.309, 4.7.0 anterior a v4.7.0.179, y 4.7.1 anterior a v4.7.1.57 no maneja apropiadamente caracteres \"ocultos\" incluyendo un car\u00e1cter \u0027\\0\u0027 en un nombre de dominio en el campo nombre com\u00fan (NC) de un certificado X.509, lo cual permite a atacantes hombre-en-el-medio (man-in-the-middle) remotos suplantar servidores SSL a su elecci\u00f3n a trav\u00e9s de de un certificado manipulado expedido por una Autoridad de Certificaci\u00f3n leg\u00edtima, un tema relacionado con CVE-2009-2408."
}
],
"id": "CVE-2009-3477",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2009-09-29T23:30:00.297",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/36875"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.blackberry.com/btsc/viewContent.do?externalId=KB19552"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/36528"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1022951"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53490"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/36875"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.blackberry.com/btsc/viewContent.do?externalId=KB19552"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/36528"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1022951"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53490"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-310"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2005-2343
Vulnerability from fkie_nvd - Published: 2005-12-31 05:00 - Updated: 2025-04-03 01:03
Severity ?
Summary
Research in Motion (RIM) BlackBerry Handheld web browser for BlackBerry Handheld before 4.0.2 allows remote attackers to cause a denial of service (hang) via a Java Application Description (JAD) file with a long application name and vendor string, which prevents a browser dialog from being properly dismissed.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| rim | blackberry_desktop_manager | 4.0 | |
| rim | blackberry_device_software | 4.0 | |
| rim | blackberry | 7100g | |
| rim | blackberry | 7100i | |
| rim | blackberry | 7100r | |
| rim | blackberry | 7100t | |
| rim | blackberry | 7100v | |
| rim | blackberry | 7100x | |
| rim | blackberry | 7105t | |
| rim | blackberry | 7130e | |
| rim | blackberry | 7230_3.7.1_.41 | |
| rim | blackberry | 7230_3.8 | |
| rim | blackberry | 7230_4.0 | |
| rim | blackberry | 7250 | |
| rim | blackberry | 7280 | |
| rim | blackberry | 7290 | |
| rim | blackberry | 7520 | |
| rim | blackberry | 7730 | |
| rim | blackberry | 7750 | |
| rim | blackberry | 7780 | |
| rim | blackberry | 8700c | |
| rim | blackberry | 8700f | |
| rim | blackberry | 8700r |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rim:blackberry_desktop_manager:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D9477C1A-2072-4362-BD67-27C721E7E805",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rim:blackberry_device_software:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "500A2D65-7220-4252-856F-052EA40EFB12",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rim:blackberry:7100g:*:*:*:*:*:*:*",
"matchCriteriaId": "EE6C1404-8B96-460C-9060-04C402E23AF1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rim:blackberry:7100i:*:*:*:*:*:*:*",
"matchCriteriaId": "E08E215F-7EF3-4012-8D14-689EE1550A67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rim:blackberry:7100r:*:*:*:*:*:*:*",
"matchCriteriaId": "67CD32AF-AB92-4215-9062-BB3E97444518",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rim:blackberry:7100t:*:*:*:*:*:*:*",
"matchCriteriaId": "ECE29076-C3FD-475A-AE95-41E78596AC75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rim:blackberry:7100v:*:*:*:*:*:*:*",
"matchCriteriaId": "FD365609-508D-4501-86DB-2D510F0F1071",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rim:blackberry:7100x:*:*:*:*:*:*:*",
"matchCriteriaId": "6142B7E1-002A-4BA5-A062-2614029FCA30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rim:blackberry:7105t:*:*:*:*:*:*:*",
"matchCriteriaId": "AFBCA036-2636-451D-A03F-20D4B2837D8D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rim:blackberry:7130e:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA64687-7D57-4630-A948-A4C510164AEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rim:blackberry:7230_3.7.1_.41:*:*:*:*:*:*:*",
"matchCriteriaId": "3AC44A87-CE11-48F8-BBF1-7971784D4A43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rim:blackberry:7230_3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "C7FE590B-9A8A-4839-91F9-941B192EA2C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rim:blackberry:7230_4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B5080187-373E-47FE-9970-30049690E632",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rim:blackberry:7250:*:*:*:*:*:*:*",
"matchCriteriaId": "49E4214E-8D31-4E0C-8266-89D228605A13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rim:blackberry:7280:*:*:*:*:*:*:*",
"matchCriteriaId": "5038858C-709E-4C0D-80A9-41E8A3D07633",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rim:blackberry:7290:*:*:*:*:*:*:*",
"matchCriteriaId": "4F290329-09CC-40C8-A928-CD66841B68D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rim:blackberry:7520:*:*:*:*:*:*:*",
"matchCriteriaId": "E8485224-909C-440C-93BB-B059E89CBB87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rim:blackberry:7730:*:*:*:*:*:*:*",
"matchCriteriaId": "2CD18A44-5A92-41DF-B67E-A4EF010BCE2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rim:blackberry:7750:*:*:*:*:*:*:*",
"matchCriteriaId": "AD5FCD19-F244-4E53-A843-AF4D053C3680",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rim:blackberry:7780:*:*:*:*:*:*:*",
"matchCriteriaId": "30142764-C686-432F-BFA4-F7D42C232CE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rim:blackberry:8700c:*:*:*:*:*:*:*",
"matchCriteriaId": "24DC35A6-D335-4968-81AD-5A4FE982F550",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rim:blackberry:8700f:*:*:*:*:*:*:*",
"matchCriteriaId": "8D7A8585-EE80-46F4-95A6-229A0A34D3BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rim:blackberry:8700r:*:*:*:*:*:*:*",
"matchCriteriaId": "1EC877CE-41BC-49CF-9381-209EA4222AEE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Research in Motion (RIM) BlackBerry Handheld web browser for BlackBerry Handheld before 4.0.2 allows remote attackers to cause a denial of service (hang) via a Java Application Description (JAD) file with a long application name and vendor string, which prevents a browser dialog from being properly dismissed."
}
],
"id": "CVE-2005-2343",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 2.6,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:H/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 4.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2005-12-31T05:00:00.000",
"references": [
{
"source": "cret@cert.org",
"url": "http://securitytracker.com/id?1015428"
},
{
"source": "cret@cert.org",
"url": "http://www.blackberry.com/knowledgecenterpublic/livelink.exe/fetch/2000/8021/7925/8142/?nodeid=1167791"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/829400"
},
{
"source": "cret@cert.org",
"url": "http://www.securityfocus.com/bid/16099"
},
{
"source": "cret@cert.org",
"url": "http://www.vupen.com/english/advisories/2006/0011"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1015428"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.blackberry.com/knowledgecenterpublic/livelink.exe/fetch/2000/8021/7925/8142/?nodeid=1167791"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/829400"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/16099"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2006/0011"
}
],
"sourceIdentifier": "cret@cert.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2010-3934 (GCVE-0-2010-3934)
Vulnerability from cvelistv5 – Published: 2010-10-14 18:00 – Updated: 2024-09-17 00:45
VLAI?
Summary
The browser in Research In Motion (RIM) BlackBerry Device Software 5.0.0.593 Platform 5.1.0.147 on the BlackBerry 9700 does not properly restrict cross-domain execution of JavaScript, which allows remote attackers to bypass the Same Origin Policy via vectors related to a window.open call and an IFRAME element. NOTE: some of these details are obtained from third party information.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T03:26:12.231Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.org/1009-exploits/blackberry-crossorigin.txt"
},
{
"name": "41536",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/41536"
},
{
"name": "1024506",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1024506"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The browser in Research In Motion (RIM) BlackBerry Device Software 5.0.0.593 Platform 5.1.0.147 on the BlackBerry 9700 does not properly restrict cross-domain execution of JavaScript, which allows remote attackers to bypass the Same Origin Policy via vectors related to a window.open call and an IFRAME element. NOTE: some of these details are obtained from third party information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-10-14T18:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.org/1009-exploits/blackberry-crossorigin.txt"
},
{
"name": "41536",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/41536"
},
{
"name": "1024506",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1024506"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-3934",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The browser in Research In Motion (RIM) BlackBerry Device Software 5.0.0.593 Platform 5.1.0.147 on the BlackBerry 9700 does not properly restrict cross-domain execution of JavaScript, which allows remote attackers to bypass the Same Origin Policy via vectors related to a window.open call and an IFRAME element. NOTE: some of these details are obtained from third party information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://packetstormsecurity.org/1009-exploits/blackberry-crossorigin.txt",
"refsource": "MISC",
"url": "http://packetstormsecurity.org/1009-exploits/blackberry-crossorigin.txt"
},
{
"name": "41536",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/41536"
},
{
"name": "1024506",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1024506"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-3934",
"datePublished": "2010-10-14T18:00:00Z",
"dateReserved": "2010-10-14T00:00:00Z",
"dateUpdated": "2024-09-17T00:45:56.180Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-3477 (GCVE-0-2009-3477)
Vulnerability from cvelistv5 – Published: 2009-09-29 23:00 – Updated: 2024-08-07 06:31
VLAI?
Summary
The Blackberry Browser in RIM BlackBerry Device Software 4.5.0 before 4.5.0.173, 4.6.0 before 4.6.0.303, 4.6.1 before 4.6.1.309, 4.7.0 before 4.7.0.179, and 4.7.1 before 4.7.1.57 does not properly handle "hidden" characters including a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows remote man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T06:31:10.229Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "36528",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/36528"
},
{
"name": "36875",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/36875"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.blackberry.com/btsc/viewContent.do?externalId=KB19552"
},
{
"name": "blackberry-device-certificate-spoofing(53490)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53490"
},
{
"name": "1022951",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1022951"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-09-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Blackberry Browser in RIM BlackBerry Device Software 4.5.0 before 4.5.0.173, 4.6.0 before 4.6.0.303, 4.6.1 before 4.6.1.309, 4.7.0 before 4.7.0.179, and 4.7.1 before 4.7.1.57 does not properly handle \"hidden\" characters including a \u0027\\0\u0027 character in a domain name in the subject\u0027s Common Name (CN) field of an X.509 certificate, which allows remote man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "36528",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/36528"
},
{
"name": "36875",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/36875"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.blackberry.com/btsc/viewContent.do?externalId=KB19552"
},
{
"name": "blackberry-device-certificate-spoofing(53490)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53490"
},
{
"name": "1022951",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1022951"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-3477",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Blackberry Browser in RIM BlackBerry Device Software 4.5.0 before 4.5.0.173, 4.6.0 before 4.6.0.303, 4.6.1 before 4.6.1.309, 4.7.0 before 4.7.0.179, and 4.7.1 before 4.7.1.57 does not properly handle \"hidden\" characters including a \u0027\\0\u0027 character in a domain name in the subject\u0027s Common Name (CN) field of an X.509 certificate, which allows remote man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "36528",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/36528"
},
{
"name": "36875",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/36875"
},
{
"name": "http://www.blackberry.com/btsc/viewContent.do?externalId=KB19552",
"refsource": "CONFIRM",
"url": "http://www.blackberry.com/btsc/viewContent.do?externalId=KB19552"
},
{
"name": "blackberry-device-certificate-spoofing(53490)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53490"
},
{
"name": "1022951",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1022951"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-3477",
"datePublished": "2009-09-29T23:00:00",
"dateReserved": "2009-09-29T00:00:00",
"dateUpdated": "2024-08-07T06:31:10.229Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-2343 (GCVE-0-2005-2343)
Vulnerability from cvelistv5 – Published: 2006-01-02 00:00 – Updated: 2024-08-07 22:22
VLAI?
Summary
Research in Motion (RIM) BlackBerry Handheld web browser for BlackBerry Handheld before 4.0.2 allows remote attackers to cause a denial of service (hang) via a Java Application Description (JAD) file with a long application name and vendor string, which prevents a browser dialog from being properly dismissed.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T22:22:49.063Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.blackberry.com/knowledgecenterpublic/livelink.exe/fetch/2000/8021/7925/8142/?nodeid=1167791"
},
{
"name": "VU#829400",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/829400"
},
{
"name": "ADV-2006-0011",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/0011"
},
{
"name": "16099",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/16099"
},
{
"name": "1015428",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1015428"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-12-31T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Research in Motion (RIM) BlackBerry Handheld web browser for BlackBerry Handheld before 4.0.2 allows remote attackers to cause a denial of service (hang) via a Java Application Description (JAD) file with a long application name and vendor string, which prevents a browser dialog from being properly dismissed."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2006-01-04T10:00:00",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.blackberry.com/knowledgecenterpublic/livelink.exe/fetch/2000/8021/7925/8142/?nodeid=1167791"
},
{
"name": "VU#829400",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/829400"
},
{
"name": "ADV-2006-0011",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/0011"
},
{
"name": "16099",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/16099"
},
{
"name": "1015428",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1015428"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2005-2343",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Research in Motion (RIM) BlackBerry Handheld web browser for BlackBerry Handheld before 4.0.2 allows remote attackers to cause a denial of service (hang) via a Java Application Description (JAD) file with a long application name and vendor string, which prevents a browser dialog from being properly dismissed."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.blackberry.com/knowledgecenterpublic/livelink.exe/fetch/2000/8021/7925/8142/?nodeid=1167791",
"refsource": "CONFIRM",
"url": "http://www.blackberry.com/knowledgecenterpublic/livelink.exe/fetch/2000/8021/7925/8142/?nodeid=1167791"
},
{
"name": "VU#829400",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/829400"
},
{
"name": "ADV-2006-0011",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/0011"
},
{
"name": "16099",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/16099"
},
{
"name": "1015428",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015428"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2005-2343",
"datePublished": "2006-01-02T00:00:00",
"dateReserved": "2005-07-21T00:00:00",
"dateUpdated": "2024-08-07T22:22:49.063Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-3934 (GCVE-0-2010-3934)
Vulnerability from nvd – Published: 2010-10-14 18:00 – Updated: 2024-09-17 00:45
VLAI?
Summary
The browser in Research In Motion (RIM) BlackBerry Device Software 5.0.0.593 Platform 5.1.0.147 on the BlackBerry 9700 does not properly restrict cross-domain execution of JavaScript, which allows remote attackers to bypass the Same Origin Policy via vectors related to a window.open call and an IFRAME element. NOTE: some of these details are obtained from third party information.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T03:26:12.231Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.org/1009-exploits/blackberry-crossorigin.txt"
},
{
"name": "41536",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/41536"
},
{
"name": "1024506",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1024506"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The browser in Research In Motion (RIM) BlackBerry Device Software 5.0.0.593 Platform 5.1.0.147 on the BlackBerry 9700 does not properly restrict cross-domain execution of JavaScript, which allows remote attackers to bypass the Same Origin Policy via vectors related to a window.open call and an IFRAME element. NOTE: some of these details are obtained from third party information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-10-14T18:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.org/1009-exploits/blackberry-crossorigin.txt"
},
{
"name": "41536",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/41536"
},
{
"name": "1024506",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1024506"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-3934",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The browser in Research In Motion (RIM) BlackBerry Device Software 5.0.0.593 Platform 5.1.0.147 on the BlackBerry 9700 does not properly restrict cross-domain execution of JavaScript, which allows remote attackers to bypass the Same Origin Policy via vectors related to a window.open call and an IFRAME element. NOTE: some of these details are obtained from third party information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://packetstormsecurity.org/1009-exploits/blackberry-crossorigin.txt",
"refsource": "MISC",
"url": "http://packetstormsecurity.org/1009-exploits/blackberry-crossorigin.txt"
},
{
"name": "41536",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/41536"
},
{
"name": "1024506",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1024506"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-3934",
"datePublished": "2010-10-14T18:00:00Z",
"dateReserved": "2010-10-14T00:00:00Z",
"dateUpdated": "2024-09-17T00:45:56.180Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-3477 (GCVE-0-2009-3477)
Vulnerability from nvd – Published: 2009-09-29 23:00 – Updated: 2024-08-07 06:31
VLAI?
Summary
The Blackberry Browser in RIM BlackBerry Device Software 4.5.0 before 4.5.0.173, 4.6.0 before 4.6.0.303, 4.6.1 before 4.6.1.309, 4.7.0 before 4.7.0.179, and 4.7.1 before 4.7.1.57 does not properly handle "hidden" characters including a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows remote man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T06:31:10.229Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "36528",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/36528"
},
{
"name": "36875",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/36875"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.blackberry.com/btsc/viewContent.do?externalId=KB19552"
},
{
"name": "blackberry-device-certificate-spoofing(53490)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53490"
},
{
"name": "1022951",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1022951"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-09-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Blackberry Browser in RIM BlackBerry Device Software 4.5.0 before 4.5.0.173, 4.6.0 before 4.6.0.303, 4.6.1 before 4.6.1.309, 4.7.0 before 4.7.0.179, and 4.7.1 before 4.7.1.57 does not properly handle \"hidden\" characters including a \u0027\\0\u0027 character in a domain name in the subject\u0027s Common Name (CN) field of an X.509 certificate, which allows remote man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "36528",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/36528"
},
{
"name": "36875",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/36875"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.blackberry.com/btsc/viewContent.do?externalId=KB19552"
},
{
"name": "blackberry-device-certificate-spoofing(53490)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53490"
},
{
"name": "1022951",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1022951"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-3477",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Blackberry Browser in RIM BlackBerry Device Software 4.5.0 before 4.5.0.173, 4.6.0 before 4.6.0.303, 4.6.1 before 4.6.1.309, 4.7.0 before 4.7.0.179, and 4.7.1 before 4.7.1.57 does not properly handle \"hidden\" characters including a \u0027\\0\u0027 character in a domain name in the subject\u0027s Common Name (CN) field of an X.509 certificate, which allows remote man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "36528",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/36528"
},
{
"name": "36875",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/36875"
},
{
"name": "http://www.blackberry.com/btsc/viewContent.do?externalId=KB19552",
"refsource": "CONFIRM",
"url": "http://www.blackberry.com/btsc/viewContent.do?externalId=KB19552"
},
{
"name": "blackberry-device-certificate-spoofing(53490)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53490"
},
{
"name": "1022951",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1022951"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-3477",
"datePublished": "2009-09-29T23:00:00",
"dateReserved": "2009-09-29T00:00:00",
"dateUpdated": "2024-08-07T06:31:10.229Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-2343 (GCVE-0-2005-2343)
Vulnerability from nvd – Published: 2006-01-02 00:00 – Updated: 2024-08-07 22:22
VLAI?
Summary
Research in Motion (RIM) BlackBerry Handheld web browser for BlackBerry Handheld before 4.0.2 allows remote attackers to cause a denial of service (hang) via a Java Application Description (JAD) file with a long application name and vendor string, which prevents a browser dialog from being properly dismissed.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T22:22:49.063Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.blackberry.com/knowledgecenterpublic/livelink.exe/fetch/2000/8021/7925/8142/?nodeid=1167791"
},
{
"name": "VU#829400",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/829400"
},
{
"name": "ADV-2006-0011",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/0011"
},
{
"name": "16099",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/16099"
},
{
"name": "1015428",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1015428"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-12-31T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Research in Motion (RIM) BlackBerry Handheld web browser for BlackBerry Handheld before 4.0.2 allows remote attackers to cause a denial of service (hang) via a Java Application Description (JAD) file with a long application name and vendor string, which prevents a browser dialog from being properly dismissed."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2006-01-04T10:00:00",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.blackberry.com/knowledgecenterpublic/livelink.exe/fetch/2000/8021/7925/8142/?nodeid=1167791"
},
{
"name": "VU#829400",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/829400"
},
{
"name": "ADV-2006-0011",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/0011"
},
{
"name": "16099",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/16099"
},
{
"name": "1015428",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1015428"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2005-2343",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Research in Motion (RIM) BlackBerry Handheld web browser for BlackBerry Handheld before 4.0.2 allows remote attackers to cause a denial of service (hang) via a Java Application Description (JAD) file with a long application name and vendor string, which prevents a browser dialog from being properly dismissed."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.blackberry.com/knowledgecenterpublic/livelink.exe/fetch/2000/8021/7925/8142/?nodeid=1167791",
"refsource": "CONFIRM",
"url": "http://www.blackberry.com/knowledgecenterpublic/livelink.exe/fetch/2000/8021/7925/8142/?nodeid=1167791"
},
{
"name": "VU#829400",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/829400"
},
{
"name": "ADV-2006-0011",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/0011"
},
{
"name": "16099",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/16099"
},
{
"name": "1015428",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015428"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2005-2343",
"datePublished": "2006-01-02T00:00:00",
"dateReserved": "2005-07-21T00:00:00",
"dateUpdated": "2024-08-07T22:22:49.063Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}