Documente Academic
Documente Profesional
Documente Cultură
Vulnerability in WebKit browser engine impacts BlackBerry Device Software version 6.0 and
later
Products
Affected Third-Party Component(s)
Article ID: KB26132
The issue affects the open source WebKit browser engine used in BlackBerry® Device So ware version 6.0 and
later. Type: Security Notice
BlackBerry smartphones running BlackBerry Device Software version 6.0 and later Last Modified: 03-15-2011
Application storage is the only place on a device from which applications can be run. Sections of application storage can
store files that a user downloads or saves to device memory. Exploitation of the vulnerability does not allow access to
this part of BlackBerry smartphone memory.
Overview
Research In Motion is aware of recent reports of a vulnerability affecting the implementation of open source WebKit
technology in the BlackBerry Browser in BlackBerry Device Software version 6.0 and later. This security notice
communicates the following key facts:
The exploitation of the vulnerability was performed at the Pwn2Own 2011 Contest and is publicly known.
At the time of release of this security notice, the BlackBerry Security Incident Response Team has not received
any reports that this vulnerability has been successfully exploited on a BlackBerry smartphone outside of a test
environment or has resulted in any impact to BlackBerry customers.
A successful exploit could allow the attacker to use the BlackBerry Browser to access user data stored on the
media card and in the built-in media storage on the BlackBerry smartphone, but not to access user data that the
email, calendar and contact applications store in the application storage (the internal file system that stores
application data and user data) of the BlackBerry smartphone.
Recommendation
Follow the available workarounds documented in this security notice.
Exercise caution when clicking on links to untrusted websites in browsers, email or instant messages.
References
CVE® Identifier: CVE-2011-1290
Workaround
Important: Turning off JavaScript may impact the ability to view web pages, or result in a diminished browsing
experience.
Click the name of your BlackBerry smartphone model to view instructions for turning off JavaScript support.
1 of 3 3/18/2011 10:59 AM
KB26132-Vulnerability in WebKit browser engine impacts BlackBerry D... http://www.blackberry.com/btsc/microsites/microsite.do?cmd=display...
If you are a BlackBerry Enterprise Server administrator, you can turn off JavaScript support using the Disable JavaScript
in Browser IT policy rule. View the BlackBerry Enterprise Server Policy Reference Guide for more information.
Important: Notify the affected users in your organization that you have made a change that will impact the ability to
view web pages, or result in a diminished browsing experience on BlackBerry smartphones.
To disable the BlackBerry Browser, complete the followings steps in the IT policy or policies:
View the BlackBerry Enterprise Server Policy Reference Guide for more information on IT policy rules.
View more information about using an IT policy to manage BlackBerry Enterprise Solution security.
Important: If users attempt to use browsing by clicking a link in a message received before you disabled the
BlackBerry Browser, the following dialog will instruct them to contact their service provider to enable the Browser. Notify
the affected users in your organization that you have made a change that will hide the BlackBerry Browser icon on
BlackBerry smartphones and prevent use of browsing using links in messages.
Additional Information
What is WebKit?
WebKit is a browser rendering engine designed to allow browsers to display webpages quickly. Browsers from multiple
vendors on mobile, desktop and laptop platforms implement WebKit technology.
Successful exploitation of the vulnerability requires the user to browse to a website that the attacker has maliciously
designed. The website could be an otherwise legitimate website that the attacker has compromised. An example of a
website that could be compromised is a site that accepts or hosts user-provided HTML content or advertisements.
No. The act of sending, receiving, or reading email does not allow an attacker to exploit this vulnerability on your
BlackBerry smartphone.
RIM is investigating the issue to determine the best resolution for protecting BlackBerry smartphone users.
Have any BlackBerry customers been subject to an attack that exploits this vulnerability?
No.
What is CVE?
Common Vulnerabilities and Exposures (CVE) is a dictionary of common names (CVE Identifiers) for publicly known
information security vulnerabilities maintained by the MITRE corporation.
What is CVSS?
CVSS is a vendor agnostic, industry open standard designed to convey the severity of vulnerabilities. CVSS scores may
be used to determine the urgency for update deployment within an organization. CVSS scores range from 0.0 (no
vulnerability) to 10.0 (critical). RIM uses CVSS in vulnerability assessments to present an immutable characterization of
security issues. RIM assigns all security relevant issues a non-zero score.
2 of 3 3/18/2011 10:59 AM
KB26132-Vulnerability in WebKit browser engine impacts BlackBerry D... http://www.blackberry.com/btsc/microsites/microsite.do?cmd=display...
Acknowledgments
RIM acknowledges the following security researchers for reporting this WebKit vulnerability: Vincenzo Iozzo, Ralf Philipp
Weinmann, and Willem Pinckaers (reported via TippingPoint and the Zero Day Initiative).
Change Log
03-15-11
Article updated to include another workaround option (disabling the BlackBerry Browser) and clarify the following
details:
A successful exploit could allow the attacker to access user data stored on the media card and in the built-in
media storage on the BlackBerry smartphone.
A successful exploit could not allow the attacker to access user data that the email, calendar and contact
applications store in the application storage (the internal file system on the BlackBerry smartphone stores
application data and user data).
Application storage is the only place on a device from which applications can be run. Sections of application
storage can store files that a user downloads or saves to device memory.
Exploitation of the vulnerability does not allow access to this part of BlackBerry smartphone memory.
Disclaimer
By downloading, accessing or otherwise using the Knowledge Base documents you agree:
(a) that the terms of use for the documents found at www.blackberry.com/legal/knowledgebase apply to your use or reference to these
documents; and
(b) not to copy, distribute, disclose or reproduce, in full or in part any of the documents without the express written consent of RIM.
3 of 3 3/18/2011 10:59 AM