Skip to main content

BlackBerry Enterprise Server PNG and TIFF Image Processing Vulnerabilities

Last Update Date: 11 Aug 2011 10:31 Release Date: 11 Aug 2011 6667 Views

RISK: High Risk

TYPE: Servers - Other Servers

TYPE: Other Servers

Multiple vulnerabilities have been identified in BlackBerry Enterprise Server, which can be exploited by malicious people to compromise a vulnerable system.

  1. An unspecified error within the BlackBerry MDS Connection Service when processing PNG and TIFF images can be exploited when a specially crafted PNG or TIFF image on a webpage is being viewed on a BlackBerry smartphone.
  2. An unspecified error within the BlackBerry Messaging Agent when processing embedded PNG and TIFF images in emails can be exploited via a specially crafted PNG or TIFF image being sent in an email to a BlackBerry smartphone.

Successful exploitation of the vulnerabilities may allow execution of arbitrary code.


Impact

  • Remote Code Execution

System / Technologies affected

  • BlackBerry Enterprise Server Express for Domino 5.x
  • Blackberry Enterprise Server Express for Exchange 5.x
  • BlackBerry Enterprise Server for Domino 5.x
  • Blackberry Enterprise Server for Exchange 5.x
  • BlackBerry Enterprise Server for Novell GroupWise 4.x
  • BlackBerry Enterprise Server for Novell GroupWise 5.x

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.


Vulnerability Identifier


Source


Related Link