PROBLEM:
Blackberry PlayBook File Sharing Option Lets Local Users Gain Elevated Privileges.
PLATFORM:
BlackBerry PlayBook tablet software version 1.0.8.4985 and earlier
ABSTRACT:
A local user can obtain root privileges on the target tablet system.
reference LINKS:
SecurityTracker Alert ID:1026386
Vulnerability Summary for CVE-2011-0291
BlackBerry Technical Solution Center
IMPACT ASSESSMENT:
High
Discussion:
A vulnerability was reported in Blackberry PlayBook. A local user can obtain elevated privileges on the target system. On a tablet with File Sharing enabled and connected via USB to a system running BlackBerry Desktop Software, a user can modify a backup archive file on the system to gain root privileges on the target tablet.
Impact:
A local user can obtain root privileges on the target tablet system.
Solution:
Update your BlackBerry PlayBook tablet software to version 1.0.8.6067 or later to apply the update. BlackBerry Technical Solution Center