
CVE-2012-0870 – samba: Any Batched ("AndX") request processing infinite recursion and heap-based buffer overflow
https://notcve.org/view.php?id=CVE-2012-0870
23 Feb 2012 — Heap-based buffer overflow in process.c in smbd in Samba 3.0, as used in the file-sharing service on the BlackBerry PlayBook tablet before 2.0.0.7971 and other products, allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a Batched (aka AndX) request that triggers infinite recursion. • http://btsc.webapps.blackberry.com/btsc/search.do?cmd=displayKC&docType=kc&externalId=KB29565 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer

CVE-2011-0290
https://notcve.org/view.php?id=CVE-2011-0290
21 Oct 2011 — The BlackBerry Collaboration Service in Research In Motion (RIM) BlackBerry Enterprise Server (BES) 5.0.3 through MR4 for Microsoft Exchange and Lotus Domino allows remote authenticated users to log into arbitrary user accounts associated with the same organization, and send messages, read messages, read contact lists, or cause a denial of service (login unavailability), via unspecified vectors. • http://secunia.com/advisories/46370 • CWE-264: Permissions, Privileges, and Access Controls

CVE-2011-0287
https://notcve.org/view.php?id=CVE-2011-0287
14 Jul 2011 — Unspecified vulnerability in the BlackBerry Administration API in Research In Motion (RIM) BlackBerry Enterprise Server (BES) software 5.0.1 through 5.0.3, and BlackBerry Enterprise Server Express software 5.0.1 through 5.0.3, allows remote attackers to read text files or cause a denial of service via unknown vectors. • http://secunia.com/advisories/45242

CVE-2011-0286
https://notcve.org/view.php?id=CVE-2011-0286
18 Apr 2011 — Cross-site scripting (XSS) vulnerability in webdesktop/app in the BlackBerry Web Desktop Manager component in Research In Motion (RIM) BlackBerry Enterprise Server (BES) software before 5.0.2 MR5 and 5.0.3 before MR1, and BlackBerry Enterprise Server Express software 5.0.1 and 5.0.2, allows remote attackers to inject arbitrary web script or HTML via the displayErrorMessage parameter in a ManageDevices action. • http://secunia.com/advisories/44183 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVE-2011-1290 – Webkit CSS Text Element Count Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2011-1290
11 Mar 2011 — Integer overflow in WebKit, as used on the Research In Motion (RIM) BlackBerry Torch 9800 with firmware 6.0.0.246, in Google Chrome before 10.0.648.133, and in Apple Safari before 5.0.5, allows remote attackers to execute arbitrary code via unknown vectors related to CSS "style handling," nodesets, and a length value, as demonstrated by Vincenzo Iozzo, Willem Pinckaers, and Ralf-Philipp Weinmann during a Pwn2Own competition at CanSecWest 2011. • http://dvlabs.tippingpoint.com/blog/2011/02/02/pwn2own-2011 • CWE-189: Numeric Errors

CVE-2011-1416
https://notcve.org/view.php?id=CVE-2011-1416
11 Mar 2011 — The Research In Motion (RIM) BlackBerry Torch 9800 with firmware 6.0.0.246 allows attackers to read the contents of memory locations via unknown vectors, as demonstrated by Vincenzo Iozzo, Willem Pinckaers, and Ralf-Philipp Weinmann during a Pwn2Own competition at CanSecWest 2011. • http://dvlabs.tippingpoint.com/blog/2011/02/02/pwn2own-2011 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor

CVE-2010-2599
https://notcve.org/view.php?id=CVE-2010-2599
12 Jan 2011 — Unspecified vulnerability in Research In Motion (RIM) BlackBerry Device Software before 6.0.0 allows remote attackers to cause a denial of service (browser hang) via a crafted web page. • http://blog.tehtri-security.com/2011/01/blackhat-dc-2011-inglourious-hackerds.html

CVE-2010-2604
https://notcve.org/view.php?id=CVE-2010-2604
12 Jan 2011 — Multiple buffer overflows in the PDF Distiller in the BlackBerry Attachment Service component in Research In Motion (RIM) BlackBerry Enterprise Server 4.1.3 through 5.0.2, and Enterprise Server Express 5.0.1 and 5.0.2, allow remote attackers to execute arbitrary code via a crafted PDF file. • http://osvdb.org/70393 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer

CVE-2010-2602
https://notcve.org/view.php?id=CVE-2010-2602
17 Dec 2010 — Multiple buffer overflows in the PDF distiller component in the BlackBerry Attachment Service in BlackBerry Enterprise Server 5.0.0 through 5.0.2, 4.1.6, and 4.1.7 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PDF document. • http://secunia.com/advisories/35632 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer

CVE-2010-2603
https://notcve.org/view.php?id=CVE-2010-2603
17 Dec 2010 — RIM BlackBerry Desktop Software 4.7 through 6.0 for PC, and 1.0 for Mac, uses a weak password to encrypt a database backup file, which makes it easier for local users to decrypt the file via a brute force attack. • http://secunia.com/advisories/42657 • CWE-310: Cryptographic Issues