CVE-2010-3934

The browser in Research In Motion (RIM) BlackBerry Device Software 5.0.0.593 Platform 5.1.0.147 on the BlackBerry 9700 does not properly restrict cross-domain execution of JavaScript, which allows remote attackers to bypass the Same Origin Policy via vectors related to a window.open call and an IFRAME element. NOTE: some of these details are obtained from third party information.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:a:rim:blackberry_device_software:5.0.0.593:*:*:*:*:*:*:*
cpe:2.3:h:rim:blackberry_9700:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2010-10-14 19:00

Updated : 2024-02-28 11:41


NVD link : CVE-2010-3934

Mitre link : CVE-2010-3934

CVE.ORG link : CVE-2010-3934


JSON object : View

Products Affected

rim

  • blackberry_9700
  • blackberry_device_software
CWE
CWE-264

Permissions, Privileges, and Access Controls