Vulnerability Details : CVE-2011-1416
The Research In Motion (RIM) BlackBerry Torch 9800 with firmware 6.0.0.246 allows attackers to read the contents of memory locations via unknown vectors, as demonstrated by Vincenzo Iozzo, Willem Pinckaers, and Ralf-Philipp Weinmann during a Pwn2Own competition at CanSecWest 2011.
Vulnerability category: Information leak
Products affected by CVE-2011-1416
- cpe:2.3:a:rim:blackberry_torch_9800_firmware:6.0.0.246:*:*:*:*:*:*:*
- cpe:2.3:h:rim:blackberry_torch_9800:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2011-1416
0.14%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 50 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2011-1416
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
5.0
|
MEDIUM | AV:N/AC:L/Au:N/C:P/I:N/A:N |
10.0
|
2.9
|
NIST |
CWE ids for CVE-2011-1416
-
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.Assigned by: nvd@nist.gov (Primary)
References for CVE-2011-1416
-
http://www.zdnet.com/blog/security/pwn2own-2011-blackberry-falls-to-webkit-browser-attack/8401
Pwn2Own 2011: BlackBerry falls to WebKit browser attack | ZDNet
-
http://dvlabs.tippingpoint.com/blog/2011/02/02/pwn2own-2011
Threat Intelligence | Digital Vaccine® | ThreatLinQ | Trend Micro
Jump to