This particular vulnerability relates to the PlayBooks native applications. When a native application for the PlayBook is created the developer has access to a unique file called the .ALL file. This file on the QNK based system allows them access to shared data or files. In short, there is a flaw which allows native developers access to files they should not have access to.
The .ALL file when used security researchers allowed them to access a PlayBook owners bookmarks, Wi-Fi access points, BBM username and info, desktop manager token, and the BlackBerry Bridge token. This token is pretty much the key that connects the BlackBerry device to the PlayBook. The Bluetooth connection between the PlayBook and phone is secure, but the problem is that this token can be used by a native developer to query the bridge for data they should not have access to.
RIM has spoken out about this vulnerability in the following official statement:
“The BlackBerry PlayBook issue described at the Infiltrate security conference has been resolved with BlackBerry PlayBook OS 2.0, which is scheduled to be available as a free download to customers in February 2012. There are no known exploits and risk is mitigated by the fact that a user would need to install and run a malicious application after initiating a BlackBerry Bridge connection with their BlackBerry smartphone.”