ID

VAR-201112-0027


CVE

CVE-2011-0291


TITLE

Vulnerabilities in Research In Motion BlackBerry PlayBook tablet software that can be used to acquire privileges

Trust: 0.8

sources: JVNDB: JVNDB-2011-003764

DESCRIPTION

The BlackBerry PlayBook service on the Research In Motion (RIM) BlackBerry PlayBook tablet with software before 1.0.8.6067 allows local users to gain privileges via a crafted configuration file in a backup archive. The BlackBerry PlayBook Tablet is a tablet from BlackBerry. This service is used for file sharing between the tablet and a computer running BlackBerry desktop software over a USB connection. This vulnerability cannot be exploited by remote attackers, but it can be used to elevate privileges. Local attackers can exploit this issue to gain elevated privileges on affected tablets.

TITLE: BlackBerry Tablet OS File Sharing Service Security Bypass Vulnerability

SECUNIA ADVISORY ID: SA47132

VERIFY ADVISORY: http://secunia.com/advisories/47132/

RELEASE DATE: 2011-12-07

DESCRIPTION: A vulnerability has been reported in BlackBerry Tablet OS, which can be exploited by malicious, local users to bypass certain security restrictions. The vulnerability is caused due to an error in the File Sharing service when processing a backup archive file of the file system. The vulnerability is reported in versions 1.0.8.4985 and prior.

SOLUTION: Update to version 1.0.8.6067.

PROVIDED AND/OR DISCOVERED BY: Reported by the vendor.

ORIGINAL ADVISORY: http://blackberry.com/btsc/KB29191

Trust: 2.52

sources: NVD: CVE-2011-0291 // JVNDB: JVNDB-2011-003764 // CNVD: CNVD-2011-5180 // BID: 50931 // PACKETSTORM: 107616

IOT TAXONOMY

category: ['Network device'] | sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2011-5180

AFFECTED PRODUCTS

vendor: blackberry | model: tablet os | scope: eq | version: 1.0.8.4985

Trust: 1.6

vendor: research | model: in motion blackberry playbook tablet software | scope: eq | version: 1.0.5.2304

Trust: 0.9

vendor: research | model: in motion blackberry playbook tablet software | scope: eq | version: 1.0.5.2342

Trust: 0.9

vendor: research | model: in motion blackberry playbook tablet software | scope: eq | version: 1.0.6

Trust: 0.9

vendor: research | model: in motion blackberry playbook tablet software | scope: eq | version: 1.0.7.2942

Trust: 0.9

vendor: research | model: in motion blackberry playbook tablet software | scope: eq | version: 1.0.7.3312

Trust: 0.9

vendor: blackberry | model: playbook tablet software | scope: lt | version: 1.0.8.6067

Trust: 0.8

vendor: research | model: in motion blackberry playbook tablet software | scope: eq | version: 1.0.8.4985

Trust: 0.3

vendor: research | model: in motion blackberry playbook tablet software | scope: ne | version: 1.0.8.6067

Trust: 0.3

sources: CNVD: CNVD-2011-5180 // BID: 50931 // JVNDB: JVNDB-2011-003764 // CNNVD: CNNVD-201112-056 // NVD: CVE-2011-0291

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2011-0291
value: HIGH

Trust: 1.0

NVD: CVE-2011-0291
value: HIGH

Trust: 0.8

CNNVD: CNNVD-201112-056
value: HIGH

Trust: 0.6

nvd@nist.gov: CVE-2011-0291
severity: HIGH
baseScore: 7.2
vectorString: AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

sources: JVNDB: JVNDB-2011-003764 // CNNVD: CNNVD-201112-056 // NVD: CVE-2011-0291

PROBLEMTYPE DATA

problemtype:CWE-200

Trust: 1.8

sources: JVNDB: JVNDB-2011-003764 // NVD: CVE-2011-0291

THREAT TYPE

local

Trust: 1.0

sources: BID: 50931 // PACKETSTORM: 107616 // CNNVD: CNNVD-201112-056

TYPE

information disclosure

Trust: 0.6

sources: CNNVD: CNNVD-201112-056

CONFIGURATIONS

sources: JVNDB: JVNDB-2011-003764

PATCH

title: KB29191 | url: http://btsc.webapps.blackberry.com/btsc/search.do?cmd=displayKC&docType=kc&externalId=KB29191

Trust: 0.8

title: Patch for BlackBerry PlayBook Tablet privilege elevation vulnerability | url: https://www.cnvd.org.cn/patchInfo/show/6149

Trust: 0.6

sources: CNVD: CNVD-2011-5180 // JVNDB: JVNDB-2011-003764

EXTERNAL IDS

db: NVD | id: CVE-2011-0291

Trust: 3.3

db: BID | id: 50931

Trust: 1.9

db: SECUNIA | id: 47132

Trust: 1.7

db: SECTRACK | id: 1026386

Trust: 1.6

db: JVNDB | id: JVNDB-2011-003764

Trust: 0.8

db: CNVD | id: CNVD-2011-5180

Trust: 0.6

db: XF | id: 71659

Trust: 0.6

db: CNNVD | id: CNNVD-201112-056

Trust: 0.6

db: PACKETSTORM | id: 107616

Trust: 0.1

sources: CNVD: CNVD-2011-5180 // BID: 50931 // JVNDB: JVNDB-2011-003764 // PACKETSTORM: 107616 // CNNVD: CNNVD-201112-056 // NVD: CVE-2011-0291

REFERENCES

url:http://blackberry.com/btsc/kb29191

Trust: 1.7

url:http://www.securityfocus.com/bid/50931

Trust: 1.6

url:http://securitytracker.com/id?1026386

Trust: 1.6

url:http://secunia.com/advisories/47132

Trust: 1.6

url:https://exchange.xforce.ibmcloud.com/vulnerabilities/71659

Trust: 1.0

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-0291

Trust: 0.8

url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-0291

Trust: 0.8

url:http://www.berryreview.com/2011/12/06/rim-confirms-fix-of-elevation-of-privilege-vulnerability-aka-dingleberry-jailbreak/

Trust: 0.6

url:http://xforce.iss.net/xforce/xfdb/71659

Trust: 0.6

url:http://btsc.webapps.blackberry.com/btsc/search.do?cmd=displaykc&doctype=kc&externalid=kb29191

Trust: 0.3

url:http://www.rim.net/

Trust: 0.3

url:http://secunia.com/advisories/47132/

Trust: 0.1

url:http://secunia.com/company/jobs/

Trust: 0.1

url:http://secunia.com/vulnerability_intelligence/

Trust: 0.1

url:http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/

Trust: 0.1

url:http://secunia.com/advisories/secunia_security_advisories/

Trust: 0.1

url:http://secunia.com/advisories/47132/#comments

Trust: 0.1

url:https://ca.secunia.com/?page=viewadvisory&vuln_id=47132

Trust: 0.1

url:http://secunia.com/vulnerability_scanning/personal/

Trust: 0.1

url:http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

Trust: 0.1

url:http://secunia.com/advisories/about_secunia_advisories/

Trust: 0.1

sources: CNVD: CNVD-2011-5180 // BID: 50931 // JVNDB: JVNDB-2011-003764 // PACKETSTORM: 107616 // CNNVD: CNNVD-201112-056 // NVD: CVE-2011-0291

CREDITS

The vendor

Trust: 0.3

sources: BID: 50931

SOURCES

db: CNVD | id: CNVD-2011-5180
db: BID | id: 50931
db: JVNDB | id: JVNDB-2011-003764
db: PACKETSTORM | id: 107616
db: CNNVD | id: CNNVD-201112-056
db: NVD | id: CVE-2011-0291

LAST UPDATE DATE

2024-08-14T15:19:26.863000+00:00


SOURCES UPDATE DATE

db: CNVD | id: CNVD-2011-5180 | date: 2011-12-08T00:00:00
db: BID | id: 50931 | date: 2011-12-06T00:00:00
db: JVNDB | id: JVNDB-2011-003764 | date: 2012-03-13T00:00:00
db: CNNVD | id: CNNVD-201112-056 | date: 2011-12-12T00:00:00
db: NVD | id: CVE-2011-0291 | date: 2017-08-17T01:33:26.383

SOURCES RELEASE DATE

db: CNVD | id: CNVD-2011-5180 | date: 2011-12-08T00:00:00
db: BID | id: 50931 | date: 2011-12-06T00:00:00
db: JVNDB | id: JVNDB-2011-003764 | date: 2012-03-13T00:00:00
db: PACKETSTORM | id: 107616 | date: 2011-12-07T07:51:47
db: CNNVD | id: CNNVD-201112-056 | date: 1900-01-01T00:00:00
db: NVD | id: CVE-2011-0291 | date: 2011-12-08T20:55:00.780