ID
VAR-E-200909-0906
TITLE
BlackBerry Device Software Browser Dialog Box Certificate Mismatch Weakness
Trust: 0.3
DESCRIPTION
The BlackBerry Device Software browser is prone to a weakness that may cause affected users to trust malicious sites.
This issue may potentially lead to other attacks, because users may operate under a false sense of security.
This issue affects all versions prior to BlackBerry Device Software 4.5.0.173, 4.6.0.303, 4.6.1.309, 4.7.0.179, and 4.7.1.57.
NOTE: This issue affects all built-in browsers installed on BlackBerry devices:
BlackBerry Browser
Internet Browser
WAP Browser
Wi-Fi (Hotspot) Browser
Trust: 0.3
AFFECTED PRODUCTS
| vendor: | research | model: | in motion blackberry device software | scope: | eq | version: | 4.7.1 | Trust: 0.3 |
| vendor: | research | model: | in motion blackberry device software | scope: | eq | version: | 4.7 | Trust: 0.3 |
| vendor: | research | model: | in motion blackberry device software | scope: | eq | version: | 4.6.1 | Trust: 0.3 |
| vendor: | research | model: | in motion blackberry device software | scope: | eq | version: | 4.6 | Trust: 0.3 |
| vendor: | research | model: | in motion blackberry device software | scope: | eq | version: | 4.5 | Trust: 0.3 |
| vendor: | research | model: | in motion blackberry device software | scope: | ne | version: | 4.7.1.57 | Trust: 0.3 |
| vendor: | research | model: | in motion blackberry device software | scope: | ne | version: | 4.7.179 | Trust: 0.3 |
| vendor: | research | model: | in motion blackberry device software | scope: | ne | version: | 4.6.1.309 | Trust: 0.3 |
| vendor: | research | model: | in motion blackberry device software | scope: | ne | version: | 4.6.303 | Trust: 0.3 |
| vendor: | research | model: | in motion blackberry device software | scope: | ne | version: | 4.5.173 | Trust: 0.3 |
EXPLOIT
An attacker can exploit this issue by enticing a victim to follow a link to a malicious site.
Trust: 0.3
PRICE
Free
Trust: 0.3
TYPE
Design Error
Trust: 0.3
CREDITS
Mobile Security Lab and CESG
Trust: 0.3
EXTERNAL IDS
| db: | BID | id: | 36528 | Trust: 0.3 |
REFERENCES
| url: | http://www.blackberry.com/btsc/dynamickc.do?externalid=kb19552&sliceid=1&command=show&forward=nonthreadedkc&kcid=kb19552 | Trust: 0.3 |
| url: | http://www.rim.net/ | Trust: 0.3 |
SOURCES
| db: | BID | id: | 36528 |
LAST UPDATE DATE
2022-07-27T09:52:47.029000+00:00
SOURCES UPDATE DATE
| db: | BID | id: | 36528 | date: | 2009-10-01T16:20:00 |
SOURCES RELEASE DATE
| db: | BID | id: | 36528 | date: | 2009-09-28T00:00:00 |