BlackBerry Desktop Software Information Disclosure Vulnerability Network Vulnerability

Summary

This host is installed with BlackBerry Desktop Software and is prone to Information Disclosure vulnerability.

Impact

Successful exploitation will allow attacker to obtain sensitive information that may lead to further attacks. Impact Level: Application

Solution

Upgrade to the BlackBerry Desktop Software version 6.0.1 or later, For updates refer to http://uk.blackberry.com/services/desktop/desktop_pc.jsp

Insight

The flaw is due to a 'weak password method' used in the BlackBerry Desktop Software, which allows to conduct brute force guessing attacks to decrypt the backup file.

Affected

BlackBerry Desktop Software version 4.7 through 6.0

References

http://secunia.com/advisories/42657
http://www.blackberry.com/btsc/search.do?cmd=displayKC&docType=kc&externalId=KB24764
http://www.securitytracker.com/id?1024908

Updated on 2015-03-25

Severity

Classification

CVE CVE-2010-2603
CVSS Base Score: 2.1
AV:L/AC:L/Au:N/C:P/I:N/A:N

Related Vulnerabilities

CCProxy Version Detection
BlackBerry Desktop Software Information Disclosure Vulnerability
Elecard MPEG Player Application Version Detection
IMP Detection
Check for SSL Medium Ciphers

Take action and discover your vulnerabilities