CVE-2011-1290

Integer overflow in WebKit, as used on the Research In Motion (RIM) BlackBerry Torch 9800 with firmware 6.0.0.246, in Google Chrome before 10.0.648.133, and in Apple Safari before 5.0.5, allows remote attackers to execute arbitrary code via unknown vectors related to CSS "style handling," nodesets, and a length value, as demonstrated by Vincenzo Iozzo, Willem Pinckaers, and Ralf-Philipp Weinmann during a Pwn2Own competition at CanSecWest 2011.
References
Link Resource
http://dvlabs.tippingpoint.com/blog/2011/02/02/pwn2own-2011
http://googlechromereleases.blogspot.com/2011/03/stable-and-beta-channel-updates.html
http://lists.apple.com/archives/security-announce/2011//Apr/msg00000.html
http://lists.apple.com/archives/security-announce/2011//Apr/msg00001.html
http://lists.apple.com/archives/security-announce/2011//Apr/msg00002.html
http://osvdb.org/71182
http://secunia.com/advisories/43735 Vendor Advisory
http://secunia.com/advisories/43748 Vendor Advisory
http://secunia.com/advisories/43782 Vendor Advisory
http://secunia.com/advisories/44151 Vendor Advisory
http://secunia.com/advisories/44154 Vendor Advisory
http://support.apple.com/kb/HT4596
http://support.apple.com/kb/HT4607
http://www.blackberry.com/btsc/KB26132
http://www.debian.org/security/2011/dsa-2192
http://www.securityfocus.com/archive/1/517513/100/0/threaded
http://www.securityfocus.com/bid/46849
http://www.securitytracker.com/id?1025212
http://www.vupen.com/english/advisories/2011/0645 Vendor Advisory
http://www.vupen.com/english/advisories/2011/0654 Vendor Advisory
http://www.vupen.com/english/advisories/2011/0671
http://www.vupen.com/english/advisories/2011/0984 Vendor Advisory
http://www.zdnet.com/blog/security/pwn2own-2011-blackberry-falls-to-webkit-browser-attack/8401
http://www.zerodayinitiative.com/advisories/ZDI-11-104
https://exchange.xforce.ibmcloud.com/vulnerabilities/66052
Configurations

Configuration 1

AND
OR cpe:2.3:a:apple:webkit:*:*:*:*:*:*:*:*
cpe:2.3:a:rim:blackberry_torch_9800_firmware:6.0.0.246:*:*:*:*:*:*:*
cpe:2.3:h:rim:blackberry_torch_9800:*:*:*:*:*:*:*:*

History

21 Nov 2024, 01:25

Type Values Removed Values Added
References () http://dvlabs.tippingpoint.com/blog/2011/02/02/pwn2own-2011 - () http://dvlabs.tippingpoint.com/blog/2011/02/02/pwn2own-2011 -
References () http://googlechromereleases.blogspot.com/2011/03/stable-and-beta-channel-updates.html - () http://googlechromereleases.blogspot.com/2011/03/stable-and-beta-channel-updates.html -
References () http://lists.apple.com/archives/security-announce/2011//Apr/msg00000.html - () http://lists.apple.com/archives/security-announce/2011//Apr/msg00000.html -
References () http://lists.apple.com/archives/security-announce/2011//Apr/msg00001.html - () http://lists.apple.com/archives/security-announce/2011//Apr/msg00001.html -
References () http://lists.apple.com/archives/security-announce/2011//Apr/msg00002.html - () http://lists.apple.com/archives/security-announce/2011//Apr/msg00002.html -
References () http://osvdb.org/71182 - () http://osvdb.org/71182 -
References () http://secunia.com/advisories/43735 - Vendor Advisory () http://secunia.com/advisories/43735 - Vendor Advisory
References () http://secunia.com/advisories/43748 - Vendor Advisory () http://secunia.com/advisories/43748 - Vendor Advisory
References () http://secunia.com/advisories/43782 - Vendor Advisory () http://secunia.com/advisories/43782 - Vendor Advisory
References () http://secunia.com/advisories/44151 - Vendor Advisory () http://secunia.com/advisories/44151 - Vendor Advisory
References () http://secunia.com/advisories/44154 - Vendor Advisory () http://secunia.com/advisories/44154 - Vendor Advisory
References () http://support.apple.com/kb/HT4596 - () http://support.apple.com/kb/HT4596 -
References () http://support.apple.com/kb/HT4607 - () http://support.apple.com/kb/HT4607 -
References () http://www.blackberry.com/btsc/KB26132 - () http://www.blackberry.com/btsc/KB26132 -
References () http://www.debian.org/security/2011/dsa-2192 - () http://www.debian.org/security/2011/dsa-2192 -
References () http://www.securityfocus.com/archive/1/517513/100/0/threaded - () http://www.securityfocus.com/archive/1/517513/100/0/threaded -
References () http://www.securityfocus.com/bid/46849 - () http://www.securityfocus.com/bid/46849 -
References () http://www.securitytracker.com/id?1025212 - () http://www.securitytracker.com/id?1025212 -
References () http://www.vupen.com/english/advisories/2011/0645 - Vendor Advisory () http://www.vupen.com/english/advisories/2011/0645 - Vendor Advisory
References () http://www.vupen.com/english/advisories/2011/0654 - Vendor Advisory () http://www.vupen.com/english/advisories/2011/0654 - Vendor Advisory
References () http://www.vupen.com/english/advisories/2011/0671 - () http://www.vupen.com/english/advisories/2011/0671 -
References () http://www.vupen.com/english/advisories/2011/0984 - Vendor Advisory () http://www.vupen.com/english/advisories/2011/0984 - Vendor Advisory
References () http://www.zdnet.com/blog/security/pwn2own-2011-blackberry-falls-to-webkit-browser-attack/8401 - () http://www.zdnet.com/blog/security/pwn2own-2011-blackberry-falls-to-webkit-browser-attack/8401 -
References () http://www.zerodayinitiative.com/advisories/ZDI-11-104 - () http://www.zerodayinitiative.com/advisories/ZDI-11-104 -
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/66052 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/66052 -

Information

Published : 2011-03-11 21:57

Updated : 2024-11-21 01:25


NVD link : CVE-2011-1290

Mitre link : CVE-2011-1290

CVE.ORG link : CVE-2011-1290



Products Affected

apple

  • webkit

rim

  • blackberry_torch_9800_firmware
  • blackberry_torch_9800

CWE

CWE-189: Numeric Errors