Vulnerability Details : CVE-2011-1290
Integer overflow in WebKit, as used on the Research In Motion (RIM) BlackBerry Torch 9800 with firmware 6.0.0.246, in Google Chrome before 10.0.648.133, and in Apple Safari before 5.0.5, allows remote attackers to execute arbitrary code via unknown vectors related to CSS "style handling," nodesets, and a length value, as demonstrated by Vincenzo Iozzo, Willem Pinckaers, and Ralf-Philipp Weinmann during a Pwn2Own competition at CanSecWest 2011.
Vulnerability category: OverflowExecute code
Products affected by CVE-2011-1290
- cpe:2.3:a:apple:webkit:*:*:*:*:*:*:*:*
- cpe:2.3:a:rim:blackberry_torch_9800_firmware:6.0.0.246:*:*:*:*:*:*:*
- cpe:2.3:h:rim:blackberry_torch_9800:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2011-1290
24.14%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 97 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2011-1290
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
10.0
|
HIGH | AV:N/AC:L/Au:N/C:C/I:C/A:C |
10.0
|
10.0
|
NIST |
CWE ids for CVE-2011-1290
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2011-1290
-
http://www.vupen.com/english/advisories/2011/0654
Webmail | OVH- OVHVendor Advisory
-
http://www.zdnet.com/blog/security/pwn2own-2011-blackberry-falls-to-webkit-browser-attack/8401
Pwn2Own 2011: BlackBerry falls to WebKit browser attack | ZDNet
-
http://www.securityfocus.com/archive/1/517513/100/0/threaded
SecurityFocus
-
http://www.securitytracker.com/id?1025212
Blackberry Device Software Bug in WebKit Lets Remote Users Execute Code - SecurityTracker
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/66052
Google Chrome WebKit style data code execution CVE-2011-1290 Vulnerability Report
-
http://www.blackberry.com/btsc/KB26132
-
http://support.apple.com/kb/HT4607
About the security content of iOS 4.2.7 Software Update for iPhone - Apple Support
-
http://support.apple.com/kb/HT4596
We're sorry.
-
http://www.vupen.com/english/advisories/2011/0645
Webmail | OVH- OVHVendor Advisory
-
http://www.vupen.com/english/advisories/2011/0984
Webmail | OVH- OVHVendor Advisory
-
http://www.zerodayinitiative.com/advisories/ZDI-11-104
ZDI-11-104 | Zero Day Initiative
-
http://www.vupen.com/english/advisories/2011/0671
Webmail | OVH- OVH
-
http://googlechromereleases.blogspot.com/2011/03/stable-and-beta-channel-updates.html
Chrome Releases: Stable and Beta Channel Updates
-
http://lists.apple.com/archives/security-announce/2011//Apr/msg00000.html
Apple - Lists.apple.com
-
http://dvlabs.tippingpoint.com/blog/2011/02/02/pwn2own-2011
Threat Intelligence | Digital Vaccine® | ThreatLinQ | Trend Micro
-
http://www.securityfocus.com/bid/46849
WebKit Style Handling Memory Corruption Vulnerability
-
http://www.debian.org/security/2011/dsa-2192
-
http://lists.apple.com/archives/security-announce/2011//Apr/msg00002.html
Apple - Lists.apple.com
-
http://lists.apple.com/archives/security-announce/2011//Apr/msg00001.html
Apple - Lists.apple.com
Jump to