Vulnerability Details : CVE-2011-1416
The Research In Motion (RIM) BlackBerry Torch 9800 with firmware 6.0.0.246 allows attackers to read the contents of memory locations via unknown vectors, as demonstrated by Vincenzo Iozzo, Willem Pinckaers, and Ralf-Philipp Weinmann during a Pwn2Own competition at CanSecWest 2011.
Vulnerability category: Information leak
Exploit prediction scoring system (EPSS) score for CVE-2011-1416
Probability of exploitation activity in the next 30 days: 0.08%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 33 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2011-1416
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
|---|---|---|---|---|---|
|
5.0
|
MEDIUM | AV:N/AC:L/Au:N/C:P/I:N/A:N |
10.0
|
2.9
|
NIST |
CWE ids for CVE-2011-1416
-
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.Assigned by: nvd@nist.gov (Primary)
References for CVE-2011-1416
-
http://www.zdnet.com/blog/security/pwn2own-2011-blackberry-falls-to-webkit-browser-attack/8401
Pwn2Own 2011: BlackBerry falls to WebKit browser attack | ZDNet
-
http://dvlabs.tippingpoint.com/blog/2011/02/02/pwn2own-2011
Threat Intelligence | Digital Vaccine® | ThreatLinQ | Trend Micro
Products affected by CVE-2011-1416
- cpe:2.3:a:rim:blackberry_torch_9800_firmware:6.0.0.246:*:*:*:*:*:*:*
- cpe:2.3:h:rim:blackberry_torch_9800:*:*:*:*:*:*:*:*