BlackBerry < Multiple Flash Player Code Execution Vulnerabilities

This script is Copyright (C) 2014-2015 Tenable Network Security, Inc.

Synopsis :

The version of BlackBerry 10 OS is affected by multiple remote code
execution vulnerabilities.

Description :

The mobile device uses a version of BlackBerry 10 OS that is older than It is, therefore, affected by the following
vulnerabilities in the version of Flash Player supplied with it :

- Multiple memory corruption errors exist that could lead
to code execution. (CVE-2013-1378, CVE-2013-1379,

- An integer overflow error exists that could lead to code
execution. (CVE-2013-2555)

Note that this plugin has relied solely on the version of the installed
OS and has not attempted to verify whether Flash content is disabled in
the device's browser.

See also :

Solution :

Upgrade to BlackBerry or later.

Alternatively, refer to the vendor's advisory to disable Flash

Risk factor :

High / CVSS Base Score : 9.3
CVSS Temporal Score : 8.1
Public Exploit Available : true

Family: Mobile Devices

Nessus Plugin ID: 71992 ()

Bugtraq ID: 58396

CVE ID: CVE-2013-1378