Unrated severityNVD Advisory· Published Mar 11, 2011· Updated Apr 29, 2026
CVE-2011-1290
CVE-2011-1290
Description
Integer overflow in WebKit, as used on the Research In Motion (RIM) BlackBerry Torch 9800 with firmware 6.0.0.246, in Google Chrome before 10.0.648.133, and in Apple Safari before 5.0.5, allows remote attackers to execute arbitrary code via unknown vectors related to CSS "style handling," nodesets, and a length value, as demonstrated by Vincenzo Iozzo, Willem Pinckaers, and Ralf-Philipp Weinmann during a Pwn2Own competition at CanSecWest 2011.
Affected products
3- cpe:2.3:a:apple:webkit:*:*:*:*:*:*:*:*
- cpe:2.3:a:rim:blackberry_torch_9800_firmware:6.0.0.246:*:*:*:*:*:*:*
- cpe:2.3:h:rim:blackberry_torch_9800:*:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
25- secunia.com/advisories/43735nvdVendor Advisory
- secunia.com/advisories/43748nvdVendor Advisory
- secunia.com/advisories/43782nvdVendor Advisory
- secunia.com/advisories/44151nvdVendor Advisory
- secunia.com/advisories/44154nvdVendor Advisory
- www.vupen.com/english/advisories/2011/0645nvdVendor Advisory
- www.vupen.com/english/advisories/2011/0654nvdVendor Advisory
- www.vupen.com/english/advisories/2011/0984nvdVendor Advisory
- dvlabs.tippingpoint.com/blog/2011/02/02/pwn2own-2011nvd
- googlechromereleases.blogspot.com/2011/03/stable-and-beta-channel-updates.htmlnvd
- lists.apple.com/archives/security-announce/2011//Apr/msg00000.htmlnvd
- lists.apple.com/archives/security-announce/2011//Apr/msg00001.htmlnvd
- lists.apple.com/archives/security-announce/2011//Apr/msg00002.htmlnvd
- osvdb.org/71182nvd
- support.apple.com/kb/HT4596nvd
- support.apple.com/kb/HT4607nvd
- www.blackberry.com/btsc/KB26132nvd
- www.debian.org/security/2011/dsa-2192nvd
- www.securityfocus.com/archive/1/517513/100/0/threadednvd
- www.securityfocus.com/bid/46849nvd
- www.securitytracker.com/idnvd
- www.vupen.com/english/advisories/2011/0671nvd
- www.zdnet.com/blog/security/pwn2own-2011-blackberry-falls-to-webkit-browser-attack/8401nvd
- www.zerodayinitiative.com/advisories/ZDI-11-104nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/66052nvd
News mentions
0No linked articles in our index yet.