BlackBerry Products PDF Distiller Unspecified Vulnerabilities
RISK: Medium Risk
Some vulnerabilities have been identified in in BlackBerry Enterprise Server and BlackBerry Professional Software,
which could be exploited by remote attackers to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.
The vulnerabilities are caused due to unspecified errors within the PDF distiller component of the BlackBerry Attachment Service. These can be exploited to cause a memory corruption when a specially crafted PDF file is opened for viewing on a BlackBerry smartphone.
Successful exploitation may allow execution of arbitrary code.
System / Technologies affected
- BlackBerry Enterprise Server for Domino 4.x
- BlackBerry Enterprise Server for Exchange 4.x
- BlackBerry Enterprise Server for Novell GroupWise 4.x
- BlackBerry Professional Software 4.x
Solutions
Before installation of the software, please visit the software manufacturer web-site for more details.
BlackBerry Enterprise Server:
Apply Interim Security Software Update 3.
http://www.blackberry.com/go/serverdownloadsBlackBerry Enterprise Server for Microsoft Exchange or Lotus Domino:
Update to version 4.1.6 MR5 or later.
http://www.blackberry.com/go/serverdownloadsBlackBerry Professional Software:
Apply Interim Security Software Update 3.
http://na.blackberry.com/eng/support/downloads/#tab_professional
Vulnerability Identifier
Source
Related Link
Share with