This year's Pwn2Own event has taken BlackBerry's WebKit browser as a victim. A BlackBerry Torch (running OS 18.104.22.168) was exploited successfully thru it's WebKit browser. The browser exploit gave Vincenzo Iozzo, Willem Pinckaers and Ralf Philipp Weinmann access to all contact information & the image database on the device.
“It happens. It’s not what you want but there’s no such thing as zero code defects” says Adrian Stone, Research In Motion's director of security.
Research In Motion plans to fix the exploit with an update, but it may take longer than expected as each carrier needs to test their respective updates.