VAR-200909-0256
Vulnerability from variot - Updated: 2023-12-18 12:31The Blackberry Browser in RIM BlackBerry Device Software 4.5.0 before 4.5.0.173, 4.6.0 before 4.6.0.303, 4.6.1 before 4.6.1.309, 4.7.0 before 4.7.0.179, and 4.7.1 before 4.7.1.57 does not properly handle "hidden" characters including a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows remote man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408. SSL A vulnerability that impersonates a server exists. The problem is CVE-2009-2408 And related issues.An attacker can create any arbitrary certificate through a certificate issued by a regular certificate authority. SSL There is a possibility of impersonating a server. The BlackBerry Device Software browser is prone to a weakness that may cause affected users to trust malicious sites. This issue may potentially lead to other attacks, because users may operate under a false sense of security. This issue affects all versions prior to BlackBerry Device Software 4.5.0.173, 4.6.0.303, 4.6.1.309, 4.7.0.179, and 4.7.1.57. NOTE: This issue affects all built-in browsers installed on BlackBerry devices: BlackBerry Browser Internet Browser WAP Browser Wi-Fi (Hotspot) Browser. ----------------------------------------------------------------------
Do you have VARM strategy implemented?
(Vulnerability Assessment Remediation Management)
If not, then implement it through the most reliable vulnerability intelligence source on the market.
Implement it through Secunia.
For more information visit: http://secunia.com/advisories/business_solutions/
Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales@secunia.com
TITLE: BlackBerry Devices Insufficient Certificate Warning Security Issue
SECUNIA ADVISORY ID: SA36875
VERIFY ADVISORY: http://secunia.com/advisories/36875/
DESCRIPTION: A security issue has been reported in BlackBerry Device Software, which can be exploited by malicious people to potentially conduct spoofing attacks.
The security issue is caused due to the dialog box displayed by the browser when a mismatched certificate is detected not showing e.g. NULL ('\0') characters. This can be exploited to potentially trick a user into ignoring the warning dialog box and accept a spoofed certificate containing special characters in the Common Name field.
PROVIDED AND/OR DISCOVERED BY: The vendor credits Mobile Security Lab and CESG.
ORIGINAL ADVISORY: http://www.blackberry.com/btsc/viewContent.do?externalId=KB19552
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200909-0256",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "blackberry device software",
"scope": "eq",
"trust": 1.6,
"vendor": "rim",
"version": "4.5.0"
},
{
"model": "blackberry device software",
"scope": "eq",
"trust": 1.6,
"vendor": "rim",
"version": "4.7"
},
{
"model": "blackberry device software",
"scope": "eq",
"trust": 1.6,
"vendor": "rim",
"version": "4.6"
},
{
"model": "blackberry device software",
"scope": "eq",
"trust": 1.6,
"vendor": "rim",
"version": "4.7.1"
},
{
"model": "blackberry device software",
"scope": "eq",
"trust": 1.6,
"vendor": "rim",
"version": "4.6.1"
},
{
"model": "device software",
"scope": "eq",
"trust": 0.8,
"vendor": "blackberry",
"version": "4.6.1.309"
},
{
"model": "device software",
"scope": "lt",
"trust": 0.8,
"vendor": "blackberry",
"version": "4.7.0"
},
{
"model": "device software",
"scope": "eq",
"trust": 0.8,
"vendor": "blackberry",
"version": "4.7.1.57"
},
{
"model": "device software",
"scope": "lt",
"trust": 0.8,
"vendor": "blackberry",
"version": "4.6.1"
},
{
"model": "device software",
"scope": "lt",
"trust": 0.8,
"vendor": "blackberry",
"version": "4.7.1"
},
{
"model": "device software",
"scope": "eq",
"trust": 0.8,
"vendor": "blackberry",
"version": "4.7.0.179"
},
{
"model": "device software",
"scope": "lt",
"trust": 0.8,
"vendor": "blackberry",
"version": "4.6.0"
},
{
"model": "device software",
"scope": "eq",
"trust": 0.8,
"vendor": "blackberry",
"version": "4.6.0.303"
},
{
"model": "device software",
"scope": "eq",
"trust": 0.8,
"vendor": "blackberry",
"version": "4.5.0.173"
},
{
"model": "device software",
"scope": "lt",
"trust": 0.8,
"vendor": "blackberry",
"version": "4.5.0"
},
{
"model": "in motion blackberry device software",
"scope": "eq",
"trust": 0.3,
"vendor": "research",
"version": "4.7.1"
},
{
"model": "in motion blackberry device software",
"scope": "eq",
"trust": 0.3,
"vendor": "research",
"version": "4.7"
},
{
"model": "in motion blackberry device software",
"scope": "eq",
"trust": 0.3,
"vendor": "research",
"version": "4.6.1"
},
{
"model": "in motion blackberry device software",
"scope": "eq",
"trust": 0.3,
"vendor": "research",
"version": "4.6"
},
{
"model": "in motion blackberry device software",
"scope": "eq",
"trust": 0.3,
"vendor": "research",
"version": "4.5"
},
{
"model": "in motion blackberry device software",
"scope": "ne",
"trust": 0.3,
"vendor": "research",
"version": "4.7.1.57"
},
{
"model": "in motion blackberry device software",
"scope": "ne",
"trust": 0.3,
"vendor": "research",
"version": "4.7.179"
},
{
"model": "in motion blackberry device software",
"scope": "ne",
"trust": 0.3,
"vendor": "research",
"version": "4.6.1.309"
},
{
"model": "in motion blackberry device software",
"scope": "ne",
"trust": 0.3,
"vendor": "research",
"version": "4.6.303"
},
{
"model": "in motion blackberry device software",
"scope": "ne",
"trust": 0.3,
"vendor": "research",
"version": "4.5.173"
}
],
"sources": [
{
"db": "BID",
"id": "36528"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002699"
},
{
"db": "NVD",
"id": "CVE-2009-3477"
},
{
"db": "CNNVD",
"id": "CNNVD-200910-066"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:rim:blackberry_device_software:4.5.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rim:blackberry_device_software:4.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rim:blackberry_device_software:4.6.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rim:blackberry_device_software:4.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rim:blackberry_device_software:4.7.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2009-3477"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Mobile Security Lab and CESG",
"sources": [
{
"db": "BID",
"id": "36528"
},
{
"db": "CNNVD",
"id": "CNNVD-200910-066"
}
],
"trust": 0.9
},
"cve": "CVE-2009-3477",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 6.8,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2009-3477",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2009-3477",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-200910-066",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2009-002699"
},
{
"db": "NVD",
"id": "CVE-2009-3477"
},
{
"db": "CNNVD",
"id": "CNNVD-200910-066"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The Blackberry Browser in RIM BlackBerry Device Software 4.5.0 before 4.5.0.173, 4.6.0 before 4.6.0.303, 4.6.1 before 4.6.1.309, 4.7.0 before 4.7.0.179, and 4.7.1 before 4.7.1.57 does not properly handle \"hidden\" characters including a \u0027\\0\u0027 character in a domain name in the subject\u0027s Common Name (CN) field of an X.509 certificate, which allows remote man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408. SSL A vulnerability that impersonates a server exists. The problem is CVE-2009-2408 And related issues.An attacker can create any arbitrary certificate through a certificate issued by a regular certificate authority. SSL There is a possibility of impersonating a server. The BlackBerry Device Software browser is prone to a weakness that may cause affected users to trust malicious sites. \nThis issue may potentially lead to other attacks, because users may operate under a false sense of security. \nThis issue affects all versions prior to BlackBerry Device Software 4.5.0.173, 4.6.0.303, 4.6.1.309, 4.7.0.179, and 4.7.1.57. \nNOTE: This issue affects all built-in browsers installed on BlackBerry devices:\nBlackBerry Browser\nInternet Browser\nWAP Browser\nWi-Fi (Hotspot) Browser. ----------------------------------------------------------------------\n\nDo you have VARM strategy implemented?\n\n(Vulnerability Assessment Remediation Management) \n\nIf not, then implement it through the most reliable vulnerability\nintelligence source on the market. \n\nImplement it through Secunia. \n\nFor more information visit:\nhttp://secunia.com/advisories/business_solutions/\n\nAlternatively request a call from a Secunia representative today to\ndiscuss how we can help you with our capabilities contact us at:\nsales@secunia.com\n\n----------------------------------------------------------------------\n\nTITLE:\nBlackBerry Devices Insufficient Certificate Warning Security Issue\n\nSECUNIA ADVISORY ID:\nSA36875\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/36875/\n\nDESCRIPTION:\nA security issue has been reported in BlackBerry Device Software,\nwhich can be exploited by malicious people to potentially conduct\nspoofing attacks. \n\nThe security issue is caused due to the dialog box displayed by the\nbrowser when a mismatched certificate is detected not showing e.g. \nNULL (\u0027\\0\u0027) characters. This can be exploited to potentially trick a\nuser into ignoring the warning dialog box and accept a spoofed\ncertificate containing special characters in the Common Name field. \n\nPROVIDED AND/OR DISCOVERED BY:\nThe vendor credits Mobile Security Lab and CESG. \n\nORIGINAL ADVISORY:\nhttp://www.blackberry.com/btsc/viewContent.do?externalId=KB19552\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2009-3477"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002699"
},
{
"db": "BID",
"id": "36528"
},
{
"db": "PACKETSTORM",
"id": "81674"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2009-3477",
"trust": 2.4
},
{
"db": "BID",
"id": "36528",
"trust": 1.9
},
{
"db": "SECUNIA",
"id": "36875",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1022951",
"trust": 1.6
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002699",
"trust": 0.8
},
{
"db": "XF",
"id": "53490",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-200910-066",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "81674",
"trust": 0.1
}
],
"sources": [
{
"db": "BID",
"id": "36528"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002699"
},
{
"db": "PACKETSTORM",
"id": "81674"
},
{
"db": "NVD",
"id": "CVE-2009-3477"
},
{
"db": "CNNVD",
"id": "CNNVD-200910-066"
}
]
},
"id": "VAR-200909-0256",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.28333333
},
"last_update_date": "2023-12-18T12:31:42.431000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "KB19552",
"trust": 0.8,
"url": "http://www.blackberry.com/btsc/viewcontent.do?externalid=kb19552"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2009-002699"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-310",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2009-002699"
},
{
"db": "NVD",
"id": "CVE-2009-3477"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.blackberry.com/btsc/viewcontent.do?externalid=kb19552"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/36875"
},
{
"trust": 1.6,
"url": "http://www.securityfocus.com/bid/36528"
},
{
"trust": 1.6,
"url": "http://www.securitytracker.com/id?1022951"
},
{
"trust": 1.0,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53490"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3477"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2009-3477"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/53490"
},
{
"trust": 0.3,
"url": "http://www.rim.net/"
},
{
"trust": 0.3,
"url": "http://www.blackberry.com/btsc/dynamickc.do?externalid=kb19552\u0026sliceid=1\u0026command=show\u0026forward=nonthreadedkc\u0026kcid=kb19552"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/36875/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/business_solutions/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://www.blackberry.com/updates/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
}
],
"sources": [
{
"db": "BID",
"id": "36528"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002699"
},
{
"db": "PACKETSTORM",
"id": "81674"
},
{
"db": "NVD",
"id": "CVE-2009-3477"
},
{
"db": "CNNVD",
"id": "CNNVD-200910-066"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "36528"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002699"
},
{
"db": "PACKETSTORM",
"id": "81674"
},
{
"db": "NVD",
"id": "CVE-2009-3477"
},
{
"db": "CNNVD",
"id": "CNNVD-200910-066"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2009-09-28T00:00:00",
"db": "BID",
"id": "36528"
},
{
"date": "2011-12-22T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2009-002699"
},
{
"date": "2009-09-28T05:53:58",
"db": "PACKETSTORM",
"id": "81674"
},
{
"date": "2009-09-29T23:30:00.297000",
"db": "NVD",
"id": "CVE-2009-3477"
},
{
"date": "2009-09-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200910-066"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2009-10-01T16:20:00",
"db": "BID",
"id": "36528"
},
{
"date": "2011-12-22T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2009-002699"
},
{
"date": "2017-08-17T01:31:07.867000",
"db": "NVD",
"id": "CVE-2009-3477"
},
{
"date": "2009-10-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200910-066"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200910-066"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "RIM BlackBerry Device Software of Blackberry Browser In any SSL Vulnerability impersonating a server",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2009-002699"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "encryption problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200910-066"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…