I found 3 bugs in the BlackBerry mobile site, m.blackberry.com, and 2 bugs in the developer site, developer.blackberry.com.
Tested on: OS: Windows 7; Browser: Google Chrome and Firefox (latest versions)
1. Open URL redirection. URL redirection is sometimes used as part of phishing attacks: a link that starts on a trusted site confuses visitors about which web site they are actually visiting, or leads them to download malicious files.
A remote attacker can craft a link on your domain that redirects users to a URL of the attacker's choosing. Because the link appears to point at blackberry.com, this assists phishing attacks, trojan distribution and spam.
=> Vulnerable URL: http://m.blackberry.com/cps/rde/xchg/blackberrymobile2012/hs.xsl/-/index.html?
The above URL redirects to apple.com; the redirect target can be replaced with a malicious phishing URL or a file containing malware.
Fix: the script should not redirect to arbitrary user-supplied input. Validate the target against an allow-list of permitted hosts (or accept only site-relative paths) and fall back to a fixed page when it does not match. Note that rejecting only "http://" prefixes is not enough: scheme-relative forms such as //evil.example, backslash variants such as /\evil.example and scheme-only forms such as https:evil.example are all resolved by browsers to another host.
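The following is an added example, not code from the report or from BlackBerry's site, showing the kind of validation the fix above calls for. The allow-listed hosts and the fallback page are assumptions; the function is written to stay conservative where Python's URL parser and browsers disagree (scheme-relative and backslash forms), which is where naive checks usually fail.

```python
# Added example (not the site's own code): validating a user-supplied redirect target
# so the redirect cannot be pointed at an attacker-chosen host. Hosts and default are assumptions.
from urllib.parse import urlsplit

ALLOWED_HOSTS = {"m.blackberry.com", "www.blackberry.com"}  # assumption: legitimate targets
DEFAULT_TARGET = "/index.html"                               # assumption: safe fallback


def safe_redirect_target(target):
    """Return `target` if it stays on an allowed host, else DEFAULT_TARGET."""
    if not target or any(ord(c) <= 0x20 or ord(c) == 0x7F for c in target):
        # Empty, or contains whitespace/control characters that browsers strip
        # (e.g. "java\tscript:" is treated as "javascript:").
        return DEFAULT_TARGET
    target = target.replace("\\", "/")   # browsers treat "\" as "/", so "/\evil" is "//evil"
    if target.startswith("//"):
        # Scheme-relative URL: browsers resolve "//evil.example" (and "///evil.example")
        # to another host, even though Python's parser may report an empty netloc.
        return DEFAULT_TARGET
    try:
        parts = urlsplit(target)
        host = (parts.hostname or "").lower()  # drops userinfo and port: "a.com@evil" -> "evil"
    except ValueError:
        return DEFAULT_TARGET                   # malformed (e.g. unbalanced IPv6 brackets)
    if parts.scheme:
        # Absolute URL: only http(s) to an allow-listed host. A scheme with no host
        # ("https:evil.example", "http:/evil.example") is rejected because browsers
        # would still navigate to evil.example.
        if parts.scheme.lower() not in ("http", "https") or host not in ALLOWED_HOSTS:
            return DEFAULT_TARGET
        return target
    # No scheme: accept only a site-relative path with a single leading "/".
    if not target.startswith("/"):
        return DEFAULT_TARGET
    return target


def redirect_response(user_supplied_target):
    """Build the status line and headers for a 302, with the target validated."""
    return ("302 Found", [("Location", safe_redirect_target(user_supplied_target))])
```

If apple.com is a destination the site genuinely needs, it belongs in the allow-list; the point is that the set of destinations is decided on the server, not by whoever builds the link.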
2. Path disclosure
Type: Information Disclosure
URL: http://m.blackberry.com/cps/rde/xchg/blackberrymobile2012
The above URL discloses the path on the server: /cps/rde/xchg/SID-B461826F-730AD1C9/blackberrymobile2012
Fix: handle errors gracefully when a file is not in the location it should be; return a generic error page rather than echoing internal paths or identifiers in the response.
3. Important HTML forms without CSRF protection: /at/de/feedback.html and /at/de/polling1.html
Fix: include a per-session anti-CSRF token as a hidden field in each form and reject any submission whose token is missing or does not match the session.
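As an added example (not code from the report or from the site), this is what protecting a form such as /at/de/feedback.html looks like: a token bound to the session with an HMAC, emitted as a hidden field and checked on every POST. The server secret, session identifiers and form fields are assumptions.

```python
# Added example (not the site's own code): a session-bound anti-CSRF token for the
# feedback/polling forms. The secret, session ids and form names are assumptions.
import hashlib
import hmac
import html
import secrets

SERVER_SECRET = secrets.token_bytes(32)   # assumption: in production, load from config, not per process


def issue_csrf_token(session_id):
    """Mint a token bound to this session: nonce + HMAC(secret, session_id:nonce)."""
    nonce = secrets.token_hex(16)
    mac = hmac.new(SERVER_SECRET, f"{session_id}:{nonce}".encode(), hashlib.sha256).hexdigest()
    return f"{nonce}.{mac}"


def verify_csrf_token(session_id, token):
    """True only if the token was minted for this session and is untampered."""
    if not isinstance(token, str) or "." not in token:
        return False
    nonce, mac = token.split(".", 1)
    expected = hmac.new(SERVER_SECRET, f"{session_id}:{nonce}".encode(), hashlib.sha256).hexdigest()
    return hmac.compare_digest(expected, mac)   # constant-time comparison


def render_feedback_form(session_id):
    """Emit the form with the token as a hidden field (the part the reported forms lacked)."""
    token = html.escape(issue_csrf_token(session_id), quote=True)
    return (
        '<form method="post" action="/at/de/feedback.html">\n'
        f'  <input type="hidden" name="csrf_token" value="{token}">\n'
        '  <textarea name="message"></textarea>\n'
        '  <input type="submit" value="Send">\n'
        '</form>'
    )


def handle_feedback_post(session_id, form_fields):
    """Server-side check: reject any POST whose token does not match the session."""
    if not verify_csrf_token(session_id, form_fields.get("csrf_token")):
        return 403, "CSRF token missing or invalid"
    return 200, "feedback accepted"
```

A cross-site page cannot read the victim's token because it is tied to the victim's session and embedded only in pages served to that session, so a forged POST arrives without a valid token and is refused. Marking the session cookie SameSite is a useful second layer but does not replace the token check.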
I have already reported this to BlackBerry PSIRT, and the bugs are patched by now.
The 2 bugs in the developer site were support for the deprecated SSL 2.0 protocol and weak SSL ciphers, which are not very critical.