CVE-2010-3934

The browser in Research In Motion (RIM) BlackBerry Device Software 5.0.0.593 Platform 5.1.0.147 on the BlackBerry 9700 does not properly restrict cross-domain execution of JavaScript, which allows remote attackers to bypass the Same Origin Policy via vectors related to a window.open call and an IFRAME element. NOTE: some of these details are obtained from third party information.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

AND
cpe:2.3:a:rim:blackberry_device_software:5.0.0.593:*:*:*:*:*:*:*
cpe:2.3:h:rim:blackberry_9700:*:*:*:*:*:*:*:*

Information

Published : 2010-10-14 12:00

Updated : 2010-10-14 21:00


NVD link : CVE-2010-3934

Mitre link : CVE-2010-3934


JSON object : View

CWE
CWE-264

Permissions, Privileges, and Access Controls

Advertisement

dedicated server usa

Products Affected

rim

  • blackberry_9700
  • blackberry_device_software