You are here

U-228: BlackBerry Tablet OS Flash Player Multiple Vulnerabilities

August 6, 2012 - 7:00am

Addthis

PROBLEM:

BlackBerry Tablet OS Flash Player Multiple Vulnerabilities

PLATFORM:

Adobe Flash Player versions included with BlackBerry PlayBook tablet software versions 2.0.1.358 and earlier.

ABSTRACT:

Vulnerabilities in Adobe Flash Player version included with the BlackBerry PlayBook tablet software

reference  LINKS:

BlackBerry Article ID: KB31675
Secunia Advisory SA50164
CVE-2012-0752
CVE-2012-0753
CVE-2012-0754
CVE-2012-0755
CVE-2012-0756
CVE-2012-0767
CVE-2012-0768
CVE-2012-0769
CVE-2012-0773
CVE-2012-0779

IMPACT ASSESSMENT:

High

Discussion:

Multiple vulnerabilities have been reported in BlackBerry Tablet OS, which can be exploited by malicious people to conduct cross-site scripting attacks, bypass certain security restrictions, gain knowledge of potentially sensitive information, and compromise a user's system.
The vulnerabilities are caused due to a vulnerable bundled version of Adobe Flash Player.

Impact:

Successful exploitation of any of these issues could potentially result in an attacker being able to execute arbitrary code (that is, achieve RCE) in the context of the application that opens the specially crafted Adobe Flash content (typically the web browser). Failed exploitation of this issue might result in abnormal or unexpected termination of the application.

Solution:

Manually Check for Software Updates From the home screen, tap to open Options. Tap Software Updates. Tap Check for Updates.
 

Addthis