BlackBerry Enterprise Server PNG and TIFF Image Processing Vulnerabilities
Last Update Date:
11 Aug 2011 10:31
Release Date:
11 Aug 2011
6667
Views
RISK: High Risk
TYPE: Servers - Other Servers
Multiple vulnerabilities have been identified in BlackBerry Enterprise Server, which can be exploited by malicious people to compromise a vulnerable system.
- An unspecified error within the BlackBerry MDS Connection Service when processing PNG and TIFF images can be exploited when a specially crafted PNG or TIFF image on a webpage is being viewed on a BlackBerry smartphone.
- An unspecified error within the BlackBerry Messaging Agent when processing embedded PNG and TIFF images in emails can be exploited via a specially crafted PNG or TIFF image being sent in an email to a BlackBerry smartphone.
Successful exploitation of the vulnerabilities may allow execution of arbitrary code.
Impact
- Remote Code Execution
System / Technologies affected
- BlackBerry Enterprise Server Express for Domino 5.x
- Blackberry Enterprise Server Express for Exchange 5.x
- BlackBerry Enterprise Server for Domino 5.x
- Blackberry Enterprise Server for Exchange 5.x
- BlackBerry Enterprise Server for Novell GroupWise 4.x
- BlackBerry Enterprise Server for Novell GroupWise 5.x
Solutions
Before installation of the software, please visit the software manufacturer web-site for more details.
- Apply updates.
http://www.blackberry.com/btsc/KB27244
Vulnerability Identifier
Source
Related Link
Share with