📦

blackberry_world

Vendor: blackberry

Login to add this product to WatchStack
Actively Exploited 0 CISA KEV List
PoC / Exploits 0 Code Available
Total RCEs 0 Remote Access
Total CVEs 3 Total Indexed
Avg. EPSS 0.26% Exploit Prob.
Latest CVE CVE-2014-6611 Oct 25

Security Vulnerability Index

Page 1 / 1
4.3 CVSS
CVE-2014-6611

The BlackBerry World app before 5.0.0.262 on BlackBerry 10 OS 10.2.0, before 5.0.0.263 on BlackBerry 10 OS 10.2.1, and before 5.1.0.53 on BlackBerry 10 OS 10.3.0 does not properly validate download/update requests, which allows user-assisted man-in-the-middle attackers to spoof servers and trigger the download of a crafted app by modifying the client-server data stream.

EPSS: 0.26%