Peaches Posted April 19, 2009 Report Share Posted April 19, 2009 BlackBerry Products PDF Distiller Unspecified VulnerabilitiesHighly critical "Some vulnerabilities have been reported in BlackBerry Enterprise Server and BlackBerry Professional Software, which can be exploited to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.The vulnerabilities are caused due to unspecified errors within the PDF distiller component of the BlackBerry Attachment Service. These can be exploited to cause a memory corruption when a specially crafted PDF file is opened for viewing on a BlackBerry smartphone.Successful exploitation may allow execution of arbitrary code.The vulnerabilities are reported in BlackBerry Enterprise Server version 4.1 Service Pack 3 (4.1.3) through 4.1 Service Pack 6 (4.1.6) and BlackBerry Professional Software 4.1 Service Pack 4."...................................................Solution:BlackBerry Enterprise Server:Apply Interim Security Software Update 3.http://www.blackberry.com/go/serverdownloadsBlackBerry Enterprise Server for Microsoft Exchange or Lotus Domino:Update to version 4.1.6 MR5 or later.http://www.blackberry.com/go/serverdownloadsBlackBerry Professional Software:Apply Interim Security Software Update 3. http://na.blackberry.com/eng/support/downl...ab_professionalsecunia advisories - http://secunia.com/advisories/34652/ Quote Link to post Share on other sites
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.