
CVE-2010-3934
https://notcve.org/view.php?id=CVE-2010-3934
14 Oct 2010 — The browser in Research In Motion (RIM) BlackBerry Device Software 5.0.0.593 Platform 5.1.0.147 on the BlackBerry 9700 does not properly restrict cross-domain execution of JavaScript, which allows remote attackers to bypass the Same Origin Policy via vectors related to a window.open call and an IFRAME element. NOTE: some of these details are obtained from third party information. • http://packetstormsecurity.org/1009-exploits/blackberry-crossorigin.txt • CWE-264: Permissions, Privileges, and Access Controls •

CVE-2010-2601
https://notcve.org/view.php?id=CVE-2010-2601
14 Oct 2010 — Multiple buffer overflows in the PDF distiller in the Attachment Service component in Research In Motion (RIM) BlackBerry Enterprise Server (BES) software 4.1.7 and earlier and 5.0.0 through 5.0.2, and BlackBerry Professional Software 4.1.4 and earlier, allow user-assisted remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted PDF document. • http://blackberry.com/btsc/KB24547 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVE-2010-3741
https://notcve.org/view.php?id=CVE-2010-3741
05 Oct 2010 — The offline backup mechanism in Research In Motion (RIM) BlackBerry Desktop Software uses single-iteration PBKDF2, which makes it easier for local users to decrypt a .ipd file via a brute-force attack. • http://blog.crackpassword.com/2010/09/smartphone-forensics-cracking-blackberry-backup-passwords • CWE-310: Cryptographic Issues •

CVE-2010-2600
https://notcve.org/view.php?id=CVE-2010-2600
15 Sep 2010 — Untrusted search path vulnerability in BlackBerry Desktop Software before 6.0.0.47 allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse DLL that is located in the same folder as a file that is processed by Blackberry. • http://secunia.com/advisories/41346 •

CVE-2009-4778
https://notcve.org/view.php?id=CVE-2009-4778
21 Apr 2010 — Multiple unspecified vulnerabilities in the PDF distiller in the Attachment Service component in Research In Motion (RIM) BlackBerry Enterprise Server (BES) software 4.1.3 through 4.1.7 and 5.0.0, and BlackBerry Professional Software 4.1.4, allow user-assisted remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted .pdf file attachment, a different vulnerability than CVE-2008-3246, CVE-2009-0176, CVE-2009-0219, CVE-2009-2643, and CVE-2009-2646. • http://secunia.com/advisories/37562 •

CVE-2009-3944
https://notcve.org/view.php?id=CVE-2009-3944
16 Nov 2009 — Research In Motion (RIM) BlackBerry Browser on the BlackBerry 8800 allows remote attackers to cause a denial of service (application hang) via a JavaScript loop that configures the home page by using the setHomePage method and a DHTML behavior property. • http://www.securityfocus.com/archive/1/507759/100/0/threaded •

CVE-2009-0306
https://notcve.org/view.php?id=CVE-2009-0306
04 Nov 2009 — Buffer overflow in the IBM Lotus Notes Intellisync ActiveX control in lnresobject.dll in BlackBerry Desktop Manager in Research In Motion (RIM) BlackBerry Desktop Software before 5.0.1 allows remote attackers to execute arbitrary code via a crafted web page. NOTE: some of these details are obtained from third party information. • http://www.blackberry.com/btsc/search.do?cmd=displayKC&docType=kc&externalId=KB19701 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVE-2009-3477
https://notcve.org/view.php?id=CVE-2009-3477
29 Sep 2009 — The Blackberry Browser in RIM BlackBerry Device Software 4.5.0 before 4.5.0.173, 4.6.0 before 4.6.0.303, 4.6.1 before 4.6.1.309, 4.7.0 before 4.7.0.179, and 4.7.1 before 4.7.1.57 does not properly handle "hidden" characters including a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows remote man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-200... • http://secunia.com/advisories/36875 • CWE-310: Cryptographic Issues •

CVE-2009-3038 – Lotus note connector for BlackBerry Manager 5.0.0.11 - ActiveX Denial of Service
https://notcve.org/view.php?id=CVE-2009-3038
01 Sep 2009 — A certain ActiveX control in lnresobject.dll 7.1.1.119 in the Research In Motion (RIM) Lotus Notes connector for BlackBerry Desktop Manager 5.0.0.11 allows remote attackers to cause a denial of service (Internet Explorer crash) by referencing the control's CLSID in the classid attribute of an OBJECT element. • https://www.exploit-db.com/exploits/9517 •

CVE-2009-2646
https://notcve.org/view.php?id=CVE-2009-2646
30 Jul 2009 — Multiple unspecified vulnerabilities in the PDF distiller in the Attachment Service component in Research In Motion (RIM) BlackBerry Enterprise Server (BES) software 4.1.3 through 4.1.6 and BlackBerry Professional Software 4.1.4 allow user-assisted remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted .pdf file attachment, a different vulnerability than CVE-2008-3246 and CVE-2009-0219. • http://www.blackberry.com/btsc/KB17953 •