All the vulnerabilites related to rim - blackberry_enterprise_server
cve-2005-2344
Vulnerability from cvelistv5
Published
2006-01-09 23:00
Modified
2024-08-07 22:22
Severity ?
EPSS score ?
Summary
The BlackBerry Attachment Service in Research in Motion (RIM) BlackBerry Enterprise Server (BES) 4.0 to version 4.0 Service Pack 2 allows attackers to cause a denial of service via a malformed Portable Network Graphics (PNG) file that triggers a heap-based buffer overflow.
References
| ▼ | URL | Tags |
|---|---|---|
| http://secunia.com/advisories/18393 | third-party-advisory, x_refsource_SECUNIA | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/24063 | vdb-entry, x_refsource_XF | |
| http://www.securityfocus.com/bid/16204 | vdb-entry, x_refsource_BID | |
| http://www.vupen.com/english/advisories/2006/0127 | vdb-entry, x_refsource_VUPEN | |
| http://www.blackberry.com/knowledgecenterpublic/livelink.exe/fetch/2000/8021/728075/728850/728215/?nodeid=1167794 | x_refsource_CONFIRM | |
| http://www.kb.cert.org/vuls/id/646976 | third-party-advisory, x_refsource_CERT-VN |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T22:22:49.024Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "18393",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18393"
},
{
"name": "blackberry-attachment-png-bo(24063)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24063"
},
{
"name": "16204",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/16204"
},
{
"name": "ADV-2006-0127",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/0127"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.blackberry.com/knowledgecenterpublic/livelink.exe/fetch/2000/8021/728075/728850/728215/?nodeid=1167794"
},
{
"name": "VU#646976",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/646976"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-12-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The BlackBerry Attachment Service in Research in Motion (RIM) BlackBerry Enterprise Server (BES) 4.0 to version 4.0 Service Pack 2 allows attackers to cause a denial of service via a malformed Portable Network Graphics (PNG) file that triggers a heap-based buffer overflow."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "18393",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18393"
},
{
"name": "blackberry-attachment-png-bo(24063)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24063"
},
{
"name": "16204",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/16204"
},
{
"name": "ADV-2006-0127",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/0127"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.blackberry.com/knowledgecenterpublic/livelink.exe/fetch/2000/8021/728075/728850/728215/?nodeid=1167794"
},
{
"name": "VU#646976",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/646976"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2005-2344",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The BlackBerry Attachment Service in Research in Motion (RIM) BlackBerry Enterprise Server (BES) 4.0 to version 4.0 Service Pack 2 allows attackers to cause a denial of service via a malformed Portable Network Graphics (PNG) file that triggers a heap-based buffer overflow."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "18393",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18393"
},
{
"name": "blackberry-attachment-png-bo(24063)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24063"
},
{
"name": "16204",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/16204"
},
{
"name": "ADV-2006-0127",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/0127"
},
{
"name": "http://www.blackberry.com/knowledgecenterpublic/livelink.exe/fetch/2000/8021/728075/728850/728215/?nodeid=1167794",
"refsource": "CONFIRM",
"url": "http://www.blackberry.com/knowledgecenterpublic/livelink.exe/fetch/2000/8021/728075/728850/728215/?nodeid=1167794"
},
{
"name": "VU#646976",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/646976"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2005-2344",
"datePublished": "2006-01-09T23:00:00",
"dateReserved": "2005-07-21T00:00:00",
"dateUpdated": "2024-08-07T22:22:49.024Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2006-5489
Vulnerability from cvelistv5
Published
2006-10-25 10:00
Modified
2024-08-07 19:55
Severity ?
EPSS score ?
Summary
Research in Motion (RIM) BlackBerry Enterprise Server 4.1 SP2 before Hotfix 1 for IBM Lotus Domino might allow attackers with meeting organizer privileges to cause a denial of service (application hang) via a deleted recurrent meeting instance when changing the attendee's calendar meeting time.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.osvdb.org/29897 | vdb-entry, x_refsource_OSVDB | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/29678 | vdb-entry, x_refsource_XF | |
| http://www.blackberry.com/knowledgecenterpublic/livelink.exe/4.1.2_HF1_Release_Notes?func=doc.Fetch&nodeId=1276788 | x_refsource_CONFIRM | |
| http://securitytracker.com/id?1017101 | vdb-entry, x_refsource_SECTRACK | |
| http://www.vupen.com/english/advisories/2006/4133 | vdb-entry, x_refsource_VUPEN | |
| http://secunia.com/advisories/22408 | third-party-advisory, x_refsource_SECUNIA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T19:55:52.650Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "29897",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/29897"
},
{
"name": "blackberry-unspecified-dos(29678)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29678"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.blackberry.com/knowledgecenterpublic/livelink.exe/4.1.2_HF1_Release_Notes?func=doc.Fetch\u0026nodeId=1276788"
},
{
"name": "1017101",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1017101"
},
{
"name": "ADV-2006-4133",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/4133"
},
{
"name": "22408",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/22408"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-10-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Research in Motion (RIM) BlackBerry Enterprise Server 4.1 SP2 before Hotfix 1 for IBM Lotus Domino might allow attackers with meeting organizer privileges to cause a denial of service (application hang) via a deleted recurrent meeting instance when changing the attendee\u0027s calendar meeting time."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "29897",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/29897"
},
{
"name": "blackberry-unspecified-dos(29678)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29678"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.blackberry.com/knowledgecenterpublic/livelink.exe/4.1.2_HF1_Release_Notes?func=doc.Fetch\u0026nodeId=1276788"
},
{
"name": "1017101",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1017101"
},
{
"name": "ADV-2006-4133",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/4133"
},
{
"name": "22408",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/22408"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-5489",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Research in Motion (RIM) BlackBerry Enterprise Server 4.1 SP2 before Hotfix 1 for IBM Lotus Domino might allow attackers with meeting organizer privileges to cause a denial of service (application hang) via a deleted recurrent meeting instance when changing the attendee\u0027s calendar meeting time."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "29897",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/29897"
},
{
"name": "blackberry-unspecified-dos(29678)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29678"
},
{
"name": "http://www.blackberry.com/knowledgecenterpublic/livelink.exe/4.1.2_HF1_Release_Notes?func=doc.Fetch\u0026nodeId=1276788",
"refsource": "CONFIRM",
"url": "http://www.blackberry.com/knowledgecenterpublic/livelink.exe/4.1.2_HF1_Release_Notes?func=doc.Fetch\u0026nodeId=1276788"
},
{
"name": "1017101",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017101"
},
{
"name": "ADV-2006-4133",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4133"
},
{
"name": "22408",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22408"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-5489",
"datePublished": "2006-10-25T10:00:00",
"dateReserved": "2006-10-24T00:00:00",
"dateUpdated": "2024-08-07T19:55:52.650Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2011-0286
Vulnerability from cvelistv5
Published
2011-04-18 18:00
Modified
2024-09-17 02:20
Severity ?
EPSS score ?
Summary
Cross-site scripting (XSS) vulnerability in webdesktop/app in the BlackBerry Web Desktop Manager component in Research In Motion (RIM) BlackBerry Enterprise Server (BES) software before 5.0.2 MR5 and 5.0.3 before MR1, and BlackBerry Enterprise Server Express software 5.0.1 and 5.0.2, allows remote attackers to inject arbitrary web script or HTML via the displayErrorMessage parameter in a ManageDevices action.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.blackberry.com/btsc/KB26296 | x_refsource_CONFIRM | |
| http://www.vupen.com/english/advisories/2011/0971 | vdb-entry, x_refsource_VUPEN | |
| http://www.cybsec.com/vuln/CYBSEC_Advisory_2011_0401_Cross_Site_Scripting_XSS_in_Blackberry_WebDesktop.pdf | x_refsource_MISC | |
| http://secunia.com/advisories/44183 | third-party-advisory, x_refsource_SECUNIA | |
| http://securitytracker.com/id?1025356 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securityfocus.com/bid/47324 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T21:51:07.682Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.blackberry.com/btsc/KB26296"
},
{
"name": "ADV-2011-0971",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2011/0971"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.cybsec.com/vuln/CYBSEC_Advisory_2011_0401_Cross_Site_Scripting_XSS_in_Blackberry_WebDesktop.pdf"
},
{
"name": "44183",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/44183"
},
{
"name": "1025356",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1025356"
},
{
"name": "47324",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/47324"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in webdesktop/app in the BlackBerry Web Desktop Manager component in Research In Motion (RIM) BlackBerry Enterprise Server (BES) software before 5.0.2 MR5 and 5.0.3 before MR1, and BlackBerry Enterprise Server Express software 5.0.1 and 5.0.2, allows remote attackers to inject arbitrary web script or HTML via the displayErrorMessage parameter in a ManageDevices action."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2011-04-18T18:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.blackberry.com/btsc/KB26296"
},
{
"name": "ADV-2011-0971",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2011/0971"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.cybsec.com/vuln/CYBSEC_Advisory_2011_0401_Cross_Site_Scripting_XSS_in_Blackberry_WebDesktop.pdf"
},
{
"name": "44183",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/44183"
},
{
"name": "1025356",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1025356"
},
{
"name": "47324",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/47324"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-0286",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in webdesktop/app in the BlackBerry Web Desktop Manager component in Research In Motion (RIM) BlackBerry Enterprise Server (BES) software before 5.0.2 MR5 and 5.0.3 before MR1, and BlackBerry Enterprise Server Express software 5.0.1 and 5.0.2, allows remote attackers to inject arbitrary web script or HTML via the displayErrorMessage parameter in a ManageDevices action."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.blackberry.com/btsc/KB26296",
"refsource": "CONFIRM",
"url": "http://www.blackberry.com/btsc/KB26296"
},
{
"name": "ADV-2011-0971",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0971"
},
{
"name": "http://www.cybsec.com/vuln/CYBSEC_Advisory_2011_0401_Cross_Site_Scripting_XSS_in_Blackberry_WebDesktop.pdf",
"refsource": "MISC",
"url": "http://www.cybsec.com/vuln/CYBSEC_Advisory_2011_0401_Cross_Site_Scripting_XSS_in_Blackberry_WebDesktop.pdf"
},
{
"name": "44183",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/44183"
},
{
"name": "1025356",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1025356"
},
{
"name": "47324",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/47324"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2011-0286",
"datePublished": "2011-04-18T18:00:00Z",
"dateReserved": "2011-01-06T00:00:00Z",
"dateUpdated": "2024-09-17T02:20:53.485Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2007-3483
Vulnerability from cvelistv5
Published
2007-06-28 20:00
Modified
2024-08-07 14:21
Severity ?
EPSS score ?
Summary
Research in Motion BlackBerry Enterprise Server 4.0 through 4.1 has a default configuration that permits installation of arbitrary third-party applications on BlackBerry devices, which might facilitate loading of malware.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/35442 | vdb-entry, x_refsource_XF | |
| http://www.praetoriang.net/presentations/blackjack.html | x_refsource_MISC | |
| http://www.blackberry.com/btsc/articles/968/KB05499_f.SAL_Public.html | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T14:21:35.533Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "blackberry-insecure-permissions(35442)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35442"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.praetoriang.net/presentations/blackjack.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.blackberry.com/btsc/articles/968/KB05499_f.SAL_Public.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-03-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Research in Motion BlackBerry Enterprise Server 4.0 through 4.1 has a default configuration that permits installation of arbitrary third-party applications on BlackBerry devices, which might facilitate loading of malware."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "blackberry-insecure-permissions(35442)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35442"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.praetoriang.net/presentations/blackjack.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.blackberry.com/btsc/articles/968/KB05499_f.SAL_Public.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-3483",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Research in Motion BlackBerry Enterprise Server 4.0 through 4.1 has a default configuration that permits installation of arbitrary third-party applications on BlackBerry devices, which might facilitate loading of malware."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "blackberry-insecure-permissions(35442)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35442"
},
{
"name": "http://www.praetoriang.net/presentations/blackjack.html",
"refsource": "MISC",
"url": "http://www.praetoriang.net/presentations/blackjack.html"
},
{
"name": "http://www.blackberry.com/btsc/articles/968/KB05499_f.SAL_Public.html",
"refsource": "CONFIRM",
"url": "http://www.blackberry.com/btsc/articles/968/KB05499_f.SAL_Public.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-3483",
"datePublished": "2007-06-28T20:00:00",
"dateReserved": "2007-06-28T00:00:00",
"dateUpdated": "2024-08-07T14:21:35.533Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2005-2341
Vulnerability from cvelistv5
Published
2006-01-02 00:00
Modified
2024-08-07 22:22
Severity ?
EPSS score ?
Summary
Heap-based buffer overflow in Research in Motion (RIM) BlackBerry Attachment Service allows remote attackers to cause a denial of service (hang) via an e-mail attachment with a crafted TIFF file.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/16098 | vdb-entry, x_refsource_BID | |
| http://www.kb.cert.org/vuls/id/570768 | third-party-advisory, x_refsource_CERT-VN | |
| http://secunia.com/advisories/18277 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.vupen.com/english/advisories/2006/0011 | vdb-entry, x_refsource_VUPEN | |
| http://securitytracker.com/id?1015426 | vdb-entry, x_refsource_SECTRACK |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T22:22:48.813Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "16098",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/16098"
},
{
"name": "VU#570768",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/570768"
},
{
"name": "18277",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18277"
},
{
"name": "ADV-2006-0011",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/0011"
},
{
"name": "1015426",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1015426"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-12-31T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in Research in Motion (RIM) BlackBerry Attachment Service allows remote attackers to cause a denial of service (hang) via an e-mail attachment with a crafted TIFF file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2006-01-04T10:00:00",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "16098",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/16098"
},
{
"name": "VU#570768",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/570768"
},
{
"name": "18277",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18277"
},
{
"name": "ADV-2006-0011",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/0011"
},
{
"name": "1015426",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1015426"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2005-2341",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in Research in Motion (RIM) BlackBerry Attachment Service allows remote attackers to cause a denial of service (hang) via an e-mail attachment with a crafted TIFF file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "16098",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/16098"
},
{
"name": "VU#570768",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/570768"
},
{
"name": "18277",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18277"
},
{
"name": "ADV-2006-0011",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/0011"
},
{
"name": "1015426",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015426"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2005-2341",
"datePublished": "2006-01-02T00:00:00",
"dateReserved": "2005-07-21T00:00:00",
"dateUpdated": "2024-08-07T22:22:48.813Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2010-2604
Vulnerability from cvelistv5
Published
2011-01-12 23:00
Modified
2024-08-07 02:39
Severity ?
EPSS score ?
Summary
Multiple buffer overflows in the PDF Distiller in the BlackBerry Attachment Service component in Research In Motion (RIM) BlackBerry Enterprise Server 4.1.3 through 5.0.2, and Enterprise Server Express 5.0.1 and 5.0.2, allow remote attackers to execute arbitrary code via a crafted PDF file.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.vupen.com/english/advisories/2011/0081 | vdb-entry, x_refsource_VUPEN | |
| http://www.blackberry.com/btsc/KB25382 | x_refsource_CONFIRM | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/64621 | vdb-entry, x_refsource_XF | |
| http://secunia.com/advisories/42882 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.securitytracker.com/id?1024953 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securityfocus.com/bid/45753 | vdb-entry, x_refsource_BID | |
| http://osvdb.org/70393 | vdb-entry, x_refsource_OSVDB |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T02:39:37.701Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2011-0081",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2011/0081"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.blackberry.com/btsc/KB25382"
},
{
"name": "blackberry-pdf-distiller-bo(64621)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64621"
},
{
"name": "42882",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/42882"
},
{
"name": "1024953",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1024953"
},
{
"name": "45753",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/45753"
},
{
"name": "70393",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/70393"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-01-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in the PDF Distiller in the BlackBerry Attachment Service component in Research In Motion (RIM) BlackBerry Enterprise Server 4.1.3 through 5.0.2, and Enterprise Server Express 5.0.1 and 5.0.2, allow remote attackers to execute arbitrary code via a crafted PDF file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2011-0081",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2011/0081"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.blackberry.com/btsc/KB25382"
},
{
"name": "blackberry-pdf-distiller-bo(64621)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64621"
},
{
"name": "42882",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/42882"
},
{
"name": "1024953",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1024953"
},
{
"name": "45753",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/45753"
},
{
"name": "70393",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/70393"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-2604",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple buffer overflows in the PDF Distiller in the BlackBerry Attachment Service component in Research In Motion (RIM) BlackBerry Enterprise Server 4.1.3 through 5.0.2, and Enterprise Server Express 5.0.1 and 5.0.2, allow remote attackers to execute arbitrary code via a crafted PDF file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2011-0081",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0081"
},
{
"name": "http://www.blackberry.com/btsc/KB25382",
"refsource": "CONFIRM",
"url": "http://www.blackberry.com/btsc/KB25382"
},
{
"name": "blackberry-pdf-distiller-bo(64621)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64621"
},
{
"name": "42882",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42882"
},
{
"name": "1024953",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1024953"
},
{
"name": "45753",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/45753"
},
{
"name": "70393",
"refsource": "OSVDB",
"url": "http://osvdb.org/70393"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-2604",
"datePublished": "2011-01-12T23:00:00",
"dateReserved": "2010-07-01T00:00:00",
"dateUpdated": "2024-08-07T02:39:37.701Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2005-2342
Vulnerability from cvelistv5
Published
2006-01-02 00:00
Modified
2024-08-07 22:22
Severity ?
EPSS score ?
Summary
Research in Motion (RIM) BlackBerry Router allows remote attackers to cause a denial of service (communication disruption) via crafted Server Routing Protocol (SRP) packets.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.blackberry.com/knowledgecenterpublic/livelink.exe/fetch/2000/8021/728075/728850/728215/?nodeid=1167898 | x_refsource_CONFIRM | |
| http://www.kb.cert.org/vuls/id/392920 | third-party-advisory, x_refsource_CERT-VN | |
| http://securitytracker.com/id?1015427 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securityfocus.com/bid/16100 | vdb-entry, x_refsource_BID | |
| http://secunia.com/advisories/18277 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.vupen.com/english/advisories/2006/0011 | vdb-entry, x_refsource_VUPEN |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T22:22:48.943Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.blackberry.com/knowledgecenterpublic/livelink.exe/fetch/2000/8021/728075/728850/728215/?nodeid=1167898"
},
{
"name": "VU#392920",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/392920"
},
{
"name": "1015427",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1015427"
},
{
"name": "16100",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/16100"
},
{
"name": "18277",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18277"
},
{
"name": "ADV-2006-0011",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/0011"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-12-31T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Research in Motion (RIM) BlackBerry Router allows remote attackers to cause a denial of service (communication disruption) via crafted Server Routing Protocol (SRP) packets."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2006-01-04T10:00:00",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.blackberry.com/knowledgecenterpublic/livelink.exe/fetch/2000/8021/728075/728850/728215/?nodeid=1167898"
},
{
"name": "VU#392920",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/392920"
},
{
"name": "1015427",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1015427"
},
{
"name": "16100",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/16100"
},
{
"name": "18277",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18277"
},
{
"name": "ADV-2006-0011",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/0011"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2005-2342",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Research in Motion (RIM) BlackBerry Router allows remote attackers to cause a denial of service (communication disruption) via crafted Server Routing Protocol (SRP) packets."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.blackberry.com/knowledgecenterpublic/livelink.exe/fetch/2000/8021/728075/728850/728215/?nodeid=1167898",
"refsource": "CONFIRM",
"url": "http://www.blackberry.com/knowledgecenterpublic/livelink.exe/fetch/2000/8021/728075/728850/728215/?nodeid=1167898"
},
{
"name": "VU#392920",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/392920"
},
{
"name": "1015427",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015427"
},
{
"name": "16100",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/16100"
},
{
"name": "18277",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18277"
},
{
"name": "ADV-2006-0011",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/0011"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2005-2342",
"datePublished": "2006-01-02T00:00:00",
"dateReserved": "2005-07-21T00:00:00",
"dateUpdated": "2024-08-07T22:22:48.943Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2011-0290
Vulnerability from cvelistv5
Published
2011-10-21 10:00
Modified
2024-08-06 21:51
Severity ?
EPSS score ?
Summary
The BlackBerry Collaboration Service in Research In Motion (RIM) BlackBerry Enterprise Server (BES) 5.0.3 through MR4 for Microsoft Exchange and Lotus Domino allows remote authenticated users to log into arbitrary user accounts associated with the same organization, and send messages, read messages, read contact lists, or cause a denial of service (login unavailability), via unspecified vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| http://secunia.com/advisories/46370 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.blackberry.com/btsc/KB28524 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/50064 | vdb-entry, x_refsource_BID | |
| http://securitytracker.com/id?1026179 | vdb-entry, x_refsource_SECTRACK | |
| http://www.osvdb.org/76286 | vdb-entry, x_refsource_OSVDB | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/70519 | vdb-entry, x_refsource_XF |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T21:51:07.885Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "46370",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/46370"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.blackberry.com/btsc/KB28524"
},
{
"name": "50064",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/50064"
},
{
"name": "1026179",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1026179"
},
{
"name": "76286",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/76286"
},
{
"name": "bes-collaboration-service-spoofing(70519)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/70519"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-10-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The BlackBerry Collaboration Service in Research In Motion (RIM) BlackBerry Enterprise Server (BES) 5.0.3 through MR4 for Microsoft Exchange and Lotus Domino allows remote authenticated users to log into arbitrary user accounts associated with the same organization, and send messages, read messages, read contact lists, or cause a denial of service (login unavailability), via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "46370",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/46370"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.blackberry.com/btsc/KB28524"
},
{
"name": "50064",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/50064"
},
{
"name": "1026179",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1026179"
},
{
"name": "76286",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/76286"
},
{
"name": "bes-collaboration-service-spoofing(70519)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/70519"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-0290",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The BlackBerry Collaboration Service in Research In Motion (RIM) BlackBerry Enterprise Server (BES) 5.0.3 through MR4 for Microsoft Exchange and Lotus Domino allows remote authenticated users to log into arbitrary user accounts associated with the same organization, and send messages, read messages, read contact lists, or cause a denial of service (login unavailability), via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "46370",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/46370"
},
{
"name": "http://www.blackberry.com/btsc/KB28524",
"refsource": "CONFIRM",
"url": "http://www.blackberry.com/btsc/KB28524"
},
{
"name": "50064",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/50064"
},
{
"name": "1026179",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1026179"
},
{
"name": "76286",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/76286"
},
{
"name": "bes-collaboration-service-spoofing(70519)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/70519"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2011-0290",
"datePublished": "2011-10-21T10:00:00",
"dateReserved": "2011-01-06T00:00:00",
"dateUpdated": "2024-08-06T21:51:07.885Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2011-0287
Vulnerability from cvelistv5
Published
2011-07-14 23:00
Modified
2024-09-16 19:21
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in the BlackBerry Administration API in Research In Motion (RIM) BlackBerry Enterprise Server (BES) software 5.0.1 through 5.0.3, and BlackBerry Enterprise Server Express software 5.0.1 through 5.0.3, allows remote attackers to read text files or cause a denial of service via unknown vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| http://secunia.com/advisories/45242 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.securityfocus.com/bid/48655 | vdb-entry, x_refsource_BID | |
| http://www.blackberry.com/btsc/KB27258 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T21:51:08.602Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "45242",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/45242"
},
{
"name": "48655",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/48655"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.blackberry.com/btsc/KB27258"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the BlackBerry Administration API in Research In Motion (RIM) BlackBerry Enterprise Server (BES) software 5.0.1 through 5.0.3, and BlackBerry Enterprise Server Express software 5.0.1 through 5.0.3, allows remote attackers to read text files or cause a denial of service via unknown vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2011-07-14T23:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "45242",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/45242"
},
{
"name": "48655",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/48655"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.blackberry.com/btsc/KB27258"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-0287",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the BlackBerry Administration API in Research In Motion (RIM) BlackBerry Enterprise Server (BES) software 5.0.1 through 5.0.3, and BlackBerry Enterprise Server Express software 5.0.1 through 5.0.3, allows remote attackers to read text files or cause a denial of service via unknown vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "45242",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/45242"
},
{
"name": "48655",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/48655"
},
{
"name": "http://www.blackberry.com/btsc/KB27258",
"refsource": "CONFIRM",
"url": "http://www.blackberry.com/btsc/KB27258"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2011-0287",
"datePublished": "2011-07-14T23:00:00Z",
"dateReserved": "2011-01-06T00:00:00Z",
"dateUpdated": "2024-09-16T19:21:15.382Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2009-2643
Vulnerability from cvelistv5
Published
2009-07-28 19:06
Modified
2024-08-07 05:59
Severity ?
EPSS score ?
Summary
Multiple unspecified vulnerabilities in the PDF distiller in the Attachment Service component in Research In Motion (RIM) BlackBerry Enterprise Server (BES) software 4.1.3 through 5.0 and BlackBerry Professional Software 4.1.4 allow user-assisted remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted .pdf file attachment, a different vulnerability than CVE-2008-3246 and CVE-2009-0219.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.blackberry.com/btsc/KB18327 | x_refsource_CONFIRM | |
| http://www.vupen.com/english/advisories/2009/1429 | vdb-entry, x_refsource_VUPEN | |
| http://secunia.com/advisories/35254 | third-party-advisory, x_refsource_SECUNIA | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/50755 | vdb-entry, x_refsource_XF | |
| http://www.securityfocus.com/bid/35102 | vdb-entry, x_refsource_BID | |
| http://www.osvdb.org/54767 | vdb-entry, x_refsource_OSVDB | |
| http://www.securitytracker.com/id?1022295 | vdb-entry, x_refsource_SECTRACK |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T05:59:56.228Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.blackberry.com/btsc/KB18327"
},
{
"name": "ADV-2009-1429",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/1429"
},
{
"name": "35254",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35254"
},
{
"name": "blackberry-pdf-code-execution(50755)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50755"
},
{
"name": "35102",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/35102"
},
{
"name": "54767",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/54767"
},
{
"name": "1022295",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1022295"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-06-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple unspecified vulnerabilities in the PDF distiller in the Attachment Service component in Research In Motion (RIM) BlackBerry Enterprise Server (BES) software 4.1.3 through 5.0 and BlackBerry Professional Software 4.1.4 allow user-assisted remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted .pdf file attachment, a different vulnerability than CVE-2008-3246 and CVE-2009-0219."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.blackberry.com/btsc/KB18327"
},
{
"name": "ADV-2009-1429",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/1429"
},
{
"name": "35254",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35254"
},
{
"name": "blackberry-pdf-code-execution(50755)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50755"
},
{
"name": "35102",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/35102"
},
{
"name": "54767",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/54767"
},
{
"name": "1022295",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1022295"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-2643",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple unspecified vulnerabilities in the PDF distiller in the Attachment Service component in Research In Motion (RIM) BlackBerry Enterprise Server (BES) software 4.1.3 through 5.0 and BlackBerry Professional Software 4.1.4 allow user-assisted remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted .pdf file attachment, a different vulnerability than CVE-2008-3246 and CVE-2009-0219."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.blackberry.com/btsc/KB18327",
"refsource": "CONFIRM",
"url": "http://www.blackberry.com/btsc/KB18327"
},
{
"name": "ADV-2009-1429",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/1429"
},
{
"name": "35254",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35254"
},
{
"name": "blackberry-pdf-code-execution(50755)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50755"
},
{
"name": "35102",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/35102"
},
{
"name": "54767",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/54767"
},
{
"name": "1022295",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1022295"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-2643",
"datePublished": "2009-07-28T19:06:00",
"dateReserved": "2009-07-28T00:00:00",
"dateUpdated": "2024-08-07T05:59:56.228Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2006-0761
Vulnerability from cvelistv5
Published
2006-02-18 02:00
Modified
2024-08-07 16:48
Severity ?
EPSS score ?
Summary
Buffer overflow in BlackBerry Attachment Service in Research in Motion (RIM) BlackBerry Enterprise Server 2.2 and 4.0 before SP3 Hotfix 4 for IBM Lotus Domino, 3.6 before SP7 and 5.0 before SP3 Hotfix 3 for Microsoft Exchangem, and 4.0 for Novell GroupWise before SP3 Hotfix 1 might allow user-assisted remote attackers to execute arbitrary code on the server via a crafted Microsoft Word document that is opened on a wireless device.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/16590 | vdb-entry, x_refsource_BID | |
| http://www.vupen.com/english/advisories/2006/0530 | vdb-entry, x_refsource_VUPEN | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/24629 | vdb-entry, x_refsource_XF | |
| http://www.blackberry.com/knowledgecenterpublic/livelink.exe/fetch/2000/8021/8149/8052/Support_-_Corrupt_Word_file_may_cause_buffer_overflow_in_the_BlackBerry_Attachment_Service.html?nodeid=1181753&vernum=2 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/archive/1/424728/100/0/threaded | mailing-list, x_refsource_BUGTRAQ |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T16:48:56.225Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "16590",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/16590"
},
{
"name": "ADV-2006-0530",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/0530"
},
{
"name": "blackberry-attachment-word-bo(24629)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24629"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.blackberry.com/knowledgecenterpublic/livelink.exe/fetch/2000/8021/8149/8052/Support_-_Corrupt_Word_file_may_cause_buffer_overflow_in_the_BlackBerry_Attachment_Service.html?nodeid=1181753\u0026vernum=2"
},
{
"name": "20060210 Corrupt Word file may cause buffer overflow in the Blackberry Attachment Service",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/424728/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-02-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in BlackBerry Attachment Service in Research in Motion (RIM) BlackBerry Enterprise Server 2.2 and 4.0 before SP3 Hotfix 4 for IBM Lotus Domino, 3.6 before SP7 and 5.0 before SP3 Hotfix 3 for Microsoft Exchangem, and 4.0 for Novell GroupWise before SP3 Hotfix 1 might allow user-assisted remote attackers to execute arbitrary code on the server via a crafted Microsoft Word document that is opened on a wireless device."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-19T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "16590",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/16590"
},
{
"name": "ADV-2006-0530",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/0530"
},
{
"name": "blackberry-attachment-word-bo(24629)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24629"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.blackberry.com/knowledgecenterpublic/livelink.exe/fetch/2000/8021/8149/8052/Support_-_Corrupt_Word_file_may_cause_buffer_overflow_in_the_BlackBerry_Attachment_Service.html?nodeid=1181753\u0026vernum=2"
},
{
"name": "20060210 Corrupt Word file may cause buffer overflow in the Blackberry Attachment Service",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/424728/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-0761",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in BlackBerry Attachment Service in Research in Motion (RIM) BlackBerry Enterprise Server 2.2 and 4.0 before SP3 Hotfix 4 for IBM Lotus Domino, 3.6 before SP7 and 5.0 before SP3 Hotfix 3 for Microsoft Exchangem, and 4.0 for Novell GroupWise before SP3 Hotfix 1 might allow user-assisted remote attackers to execute arbitrary code on the server via a crafted Microsoft Word document that is opened on a wireless device."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "16590",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/16590"
},
{
"name": "ADV-2006-0530",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/0530"
},
{
"name": "blackberry-attachment-word-bo(24629)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24629"
},
{
"name": "http://www.blackberry.com/knowledgecenterpublic/livelink.exe/fetch/2000/8021/8149/8052/Support_-_Corrupt_Word_file_may_cause_buffer_overflow_in_the_BlackBerry_Attachment_Service.html?nodeid=1181753\u0026vernum=2",
"refsource": "CONFIRM",
"url": "http://www.blackberry.com/knowledgecenterpublic/livelink.exe/fetch/2000/8021/8149/8052/Support_-_Corrupt_Word_file_may_cause_buffer_overflow_in_the_BlackBerry_Attachment_Service.html?nodeid=1181753\u0026vernum=2"
},
{
"name": "20060210 Corrupt Word file may cause buffer overflow in the Blackberry Attachment Service",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/424728/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-0761",
"datePublished": "2006-02-18T02:00:00",
"dateReserved": "2006-02-18T00:00:00",
"dateUpdated": "2024-08-07T16:48:56.225Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2008-3246
Vulnerability from cvelistv5
Published
2008-07-21 16:00
Modified
2024-08-07 09:28
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in the PDF distiller component in the BlackBerry Attachment Service in BlackBerry Unite! 1.0 SP1 (1.0.1) before bundle 36 and BlackBerry Enterprise Server 4.1 SP3 (4.1.3) through 4.1 SP5 (4.1.5) allows user-assisted remote attackers to execute arbitrary code via a crafted PDF file attachment.
References
| ▼ | URL | Tags |
|---|---|---|
| http://secunia.com/advisories/31141 | third-party-advisory, x_refsource_SECUNIA | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/43843 | vdb-entry, x_refsource_XF | |
| http://www.blackberry.com/btsc/articles/660/KB15766_f.SAL_Public.html | x_refsource_CONFIRM | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/43840 | vdb-entry, x_refsource_XF | |
| http://www.kb.cert.org/vuls/id/289235 | third-party-advisory, x_refsource_CERT-VN | |
| http://www.securitytracker.com/id?1020505 | vdb-entry, x_refsource_SECTRACK | |
| http://secunia.com/advisories/31092 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.vupen.com/english/advisories/2008/2108/references | vdb-entry, x_refsource_VUPEN | |
| http://www.blackberry.com/btsc/articles/635/KB15770_f.SAL_Public.html | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T09:28:41.826Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "31141",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31141"
},
{
"name": "blackberry-unite-pdf-code-execution(43843)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43843"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.blackberry.com/btsc/articles/660/KB15766_f.SAL_Public.html"
},
{
"name": "blackberry-es-pdf-code-execution(43840)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43840"
},
{
"name": "VU#289235",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/289235"
},
{
"name": "1020505",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1020505"
},
{
"name": "31092",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31092"
},
{
"name": "ADV-2008-2108",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/2108/references"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.blackberry.com/btsc/articles/635/KB15770_f.SAL_Public.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-07-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the PDF distiller component in the BlackBerry Attachment Service in BlackBerry Unite! 1.0 SP1 (1.0.1) before bundle 36 and BlackBerry Enterprise Server 4.1 SP3 (4.1.3) through 4.1 SP5 (4.1.5) allows user-assisted remote attackers to execute arbitrary code via a crafted PDF file attachment."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "31141",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31141"
},
{
"name": "blackberry-unite-pdf-code-execution(43843)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43843"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.blackberry.com/btsc/articles/660/KB15766_f.SAL_Public.html"
},
{
"name": "blackberry-es-pdf-code-execution(43840)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43840"
},
{
"name": "VU#289235",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/289235"
},
{
"name": "1020505",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1020505"
},
{
"name": "31092",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31092"
},
{
"name": "ADV-2008-2108",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/2108/references"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.blackberry.com/btsc/articles/635/KB15770_f.SAL_Public.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-3246",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the PDF distiller component in the BlackBerry Attachment Service in BlackBerry Unite! 1.0 SP1 (1.0.1) before bundle 36 and BlackBerry Enterprise Server 4.1 SP3 (4.1.3) through 4.1 SP5 (4.1.5) allows user-assisted remote attackers to execute arbitrary code via a crafted PDF file attachment."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "31141",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31141"
},
{
"name": "blackberry-unite-pdf-code-execution(43843)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43843"
},
{
"name": "http://www.blackberry.com/btsc/articles/660/KB15766_f.SAL_Public.html",
"refsource": "CONFIRM",
"url": "http://www.blackberry.com/btsc/articles/660/KB15766_f.SAL_Public.html"
},
{
"name": "blackberry-es-pdf-code-execution(43840)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43840"
},
{
"name": "VU#289235",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/289235"
},
{
"name": "1020505",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1020505"
},
{
"name": "31092",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31092"
},
{
"name": "ADV-2008-2108",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2108/references"
},
{
"name": "http://www.blackberry.com/btsc/articles/635/KB15770_f.SAL_Public.html",
"refsource": "CONFIRM",
"url": "http://www.blackberry.com/btsc/articles/635/KB15770_f.SAL_Public.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-3246",
"datePublished": "2008-07-21T16:00:00",
"dateReserved": "2008-07-21T00:00:00",
"dateUpdated": "2024-08-07T09:28:41.826Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2009-4778
Vulnerability from cvelistv5
Published
2010-04-21 14:00
Modified
2024-09-17 04:13
Severity ?
EPSS score ?
Summary
Multiple unspecified vulnerabilities in the PDF distiller in the Attachment Service component in Research In Motion (RIM) BlackBerry Enterprise Server (BES) software 4.1.3 through 4.1.7 and 5.0.0, and BlackBerry Professional Software 4.1.4, allow user-assisted remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted .pdf file attachment, a different vulnerability than CVE-2008-3246, CVE-2009-0176, CVE-2009-0219, CVE-2009-2643, and CVE-2009-2646.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/37167 | vdb-entry, x_refsource_BID | |
| http://www.securitytracker.com/id?1023258 | vdb-entry, x_refsource_SECTRACK | |
| http://secunia.com/advisories/37562 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.blackberry.com/btsc/KB19860 | x_refsource_CONFIRM | |
| http://www.vupen.com/english/advisories/2009/3372 | vdb-entry, x_refsource_VUPEN |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T07:17:24.955Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "37167",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/37167"
},
{
"name": "1023258",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1023258"
},
{
"name": "37562",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/37562"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.blackberry.com/btsc/KB19860"
},
{
"name": "ADV-2009-3372",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/3372"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Multiple unspecified vulnerabilities in the PDF distiller in the Attachment Service component in Research In Motion (RIM) BlackBerry Enterprise Server (BES) software 4.1.3 through 4.1.7 and 5.0.0, and BlackBerry Professional Software 4.1.4, allow user-assisted remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted .pdf file attachment, a different vulnerability than CVE-2008-3246, CVE-2009-0176, CVE-2009-0219, CVE-2009-2643, and CVE-2009-2646."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-04-21T14:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "37167",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/37167"
},
{
"name": "1023258",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1023258"
},
{
"name": "37562",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/37562"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.blackberry.com/btsc/KB19860"
},
{
"name": "ADV-2009-3372",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/3372"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-4778",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple unspecified vulnerabilities in the PDF distiller in the Attachment Service component in Research In Motion (RIM) BlackBerry Enterprise Server (BES) software 4.1.3 through 4.1.7 and 5.0.0, and BlackBerry Professional Software 4.1.4, allow user-assisted remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted .pdf file attachment, a different vulnerability than CVE-2008-3246, CVE-2009-0176, CVE-2009-0219, CVE-2009-2643, and CVE-2009-2646."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "37167",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/37167"
},
{
"name": "1023258",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1023258"
},
{
"name": "37562",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37562"
},
{
"name": "http://www.blackberry.com/btsc/KB19860",
"refsource": "CONFIRM",
"url": "http://www.blackberry.com/btsc/KB19860"
},
{
"name": "ADV-2009-3372",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/3372"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-4778",
"datePublished": "2010-04-21T14:00:00Z",
"dateReserved": "2010-04-21T00:00:00Z",
"dateUpdated": "2024-09-17T04:13:53.037Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2010-2602
Vulnerability from cvelistv5
Published
2010-12-17 18:00
Modified
2024-08-07 02:39
Severity ?
EPSS score ?
Summary
Multiple buffer overflows in the PDF distiller component in the BlackBerry Attachment Service in BlackBerry Enterprise Server 5.0.0 through 5.0.2, 4.1.6, and 4.1.7 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PDF document.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/45392 | vdb-entry, x_refsource_BID | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/64066 | vdb-entry, x_refsource_XF | |
| http://www.blackberry.com/btsc/search.do?cmd=displayKC&docType=kc&externalId=KB24761 | x_refsource_CONFIRM | |
| http://www.vupen.com/english/advisories/2010/3237 | vdb-entry, x_refsource_VUPEN | |
| http://www.securitytracker.com/id?1024891 | vdb-entry, x_refsource_SECTRACK | |
| http://secunia.com/advisories/35632 | third-party-advisory, x_refsource_SECUNIA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T02:39:37.657Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "45392",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/45392"
},
{
"name": "bes-attachment-service-bo(64066)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64066"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.blackberry.com/btsc/search.do?cmd=displayKC\u0026docType=kc\u0026externalId=KB24761"
},
{
"name": "ADV-2010-3237",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/3237"
},
{
"name": "1024891",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1024891"
},
{
"name": "35632",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35632"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-12-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in the PDF distiller component in the BlackBerry Attachment Service in BlackBerry Enterprise Server 5.0.0 through 5.0.2, 4.1.6, and 4.1.7 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PDF document."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "45392",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/45392"
},
{
"name": "bes-attachment-service-bo(64066)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64066"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.blackberry.com/btsc/search.do?cmd=displayKC\u0026docType=kc\u0026externalId=KB24761"
},
{
"name": "ADV-2010-3237",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/3237"
},
{
"name": "1024891",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1024891"
},
{
"name": "35632",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35632"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-2602",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple buffer overflows in the PDF distiller component in the BlackBerry Attachment Service in BlackBerry Enterprise Server 5.0.0 through 5.0.2, 4.1.6, and 4.1.7 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PDF document."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "45392",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/45392"
},
{
"name": "bes-attachment-service-bo(64066)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64066"
},
{
"name": "http://www.blackberry.com/btsc/search.do?cmd=displayKC\u0026docType=kc\u0026externalId=KB24761",
"refsource": "CONFIRM",
"url": "http://www.blackberry.com/btsc/search.do?cmd=displayKC\u0026docType=kc\u0026externalId=KB24761"
},
{
"name": "ADV-2010-3237",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/3237"
},
{
"name": "1024891",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1024891"
},
{
"name": "35632",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35632"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-2602",
"datePublished": "2010-12-17T18:00:00",
"dateReserved": "2010-07-01T00:00:00",
"dateUpdated": "2024-08-07T02:39:37.657Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2010-2601
Vulnerability from cvelistv5
Published
2010-10-14 17:00
Modified
2024-09-16 22:30
Severity ?
EPSS score ?
Summary
Multiple buffer overflows in the PDF distiller in the Attachment Service component in Research In Motion (RIM) BlackBerry Enterprise Server (BES) software 4.1.7 and earlier and 5.0.0 through 5.0.2, and BlackBerry Professional Software 4.1.4 and earlier, allow user-assisted remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted PDF document.
References
| ▼ | URL | Tags |
|---|---|---|
| http://blackberry.com/btsc/KB24547 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T02:39:37.880Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://blackberry.com/btsc/KB24547"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in the PDF distiller in the Attachment Service component in Research In Motion (RIM) BlackBerry Enterprise Server (BES) software 4.1.7 and earlier and 5.0.0 through 5.0.2, and BlackBerry Professional Software 4.1.4 and earlier, allow user-assisted remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted PDF document."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-10-14T17:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://blackberry.com/btsc/KB24547"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-2601",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple buffer overflows in the PDF distiller in the Attachment Service component in Research In Motion (RIM) BlackBerry Enterprise Server (BES) software 4.1.7 and earlier and 5.0.0 through 5.0.2, and BlackBerry Professional Software 4.1.4 and earlier, allow user-assisted remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted PDF document."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://blackberry.com/btsc/KB24547",
"refsource": "CONFIRM",
"url": "http://blackberry.com/btsc/KB24547"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-2601",
"datePublished": "2010-10-14T17:00:00Z",
"dateReserved": "2010-07-01T00:00:00Z",
"dateUpdated": "2024-09-16T22:30:05.763Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2009-0307
Vulnerability from cvelistv5
Published
2009-04-22 18:00
Modified
2024-08-07 04:31
Severity ?
EPSS score ?
Summary
Cross-site scripting (XSS) vulnerability in the "Customize Statistics Page" (admin/statistics/ConfigureStatistics) in the MDS Connection Service in Research in Motion (RIM) BlackBerry Enterprise Server (BES) before 4.1.6 MR5 allows remote attackers to inject arbitrary web script or HTML via the (1) customDate, (2) interval, (3) lastCustomInterval, (4) lastIntervalLength, (5) nextCustomInterval, (6) nextIntervalLength, (7) action, (8) delIntervalIndex, (9) addStatIndex, (10) delStatIndex, and (11) referenceTime parameters.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securitytracker.com/id?1022081 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securityfocus.com/bid/34573 | vdb-entry, x_refsource_BID | |
| http://archives.neohapsis.com/archives/fulldisclosure/2009-04/0170.html | mailing-list, x_refsource_FULLDISC | |
| http://secunia.com/advisories/34740 | third-party-advisory, x_refsource_SECUNIA | |
| http://osvdb.org/53772 | vdb-entry, x_refsource_OSVDB | |
| http://www.vupen.com/english/advisories/2009/1090 | vdb-entry, x_refsource_VUPEN | |
| http://www.blackberry.com/btsc/dynamickc.do?externalId=KB17969&sliceID=1&command=show&forward=nonthreadedKC&kcId=KB17969 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T04:31:25.613Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1022081",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1022081"
},
{
"name": "34573",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/34573"
},
{
"name": "20090417 ERNW Security Advisory 01-2009: XSS in Blackberries Mobile Data Service Connection Service",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2009-04/0170.html"
},
{
"name": "34740",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34740"
},
{
"name": "53772",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/53772"
},
{
"name": "ADV-2009-1090",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/1090"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.blackberry.com/btsc/dynamickc.do?externalId=KB17969\u0026sliceID=1\u0026command=show\u0026forward=nonthreadedKC\u0026kcId=KB17969"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-04-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in the \"Customize Statistics Page\" (admin/statistics/ConfigureStatistics) in the MDS Connection Service in Research in Motion (RIM) BlackBerry Enterprise Server (BES) before 4.1.6 MR5 allows remote attackers to inject arbitrary web script or HTML via the (1) customDate, (2) interval, (3) lastCustomInterval, (4) lastIntervalLength, (5) nextCustomInterval, (6) nextIntervalLength, (7) action, (8) delIntervalIndex, (9) addStatIndex, (10) delStatIndex, and (11) referenceTime parameters."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2009-04-28T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1022081",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1022081"
},
{
"name": "34573",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/34573"
},
{
"name": "20090417 ERNW Security Advisory 01-2009: XSS in Blackberries Mobile Data Service Connection Service",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2009-04/0170.html"
},
{
"name": "34740",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34740"
},
{
"name": "53772",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/53772"
},
{
"name": "ADV-2009-1090",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/1090"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.blackberry.com/btsc/dynamickc.do?externalId=KB17969\u0026sliceID=1\u0026command=show\u0026forward=nonthreadedKC\u0026kcId=KB17969"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-0307",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in the \"Customize Statistics Page\" (admin/statistics/ConfigureStatistics) in the MDS Connection Service in Research in Motion (RIM) BlackBerry Enterprise Server (BES) before 4.1.6 MR5 allows remote attackers to inject arbitrary web script or HTML via the (1) customDate, (2) interval, (3) lastCustomInterval, (4) lastIntervalLength, (5) nextCustomInterval, (6) nextIntervalLength, (7) action, (8) delIntervalIndex, (9) addStatIndex, (10) delStatIndex, and (11) referenceTime parameters."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1022081",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1022081"
},
{
"name": "34573",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/34573"
},
{
"name": "20090417 ERNW Security Advisory 01-2009: XSS in Blackberries Mobile Data Service Connection Service",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2009-04/0170.html"
},
{
"name": "34740",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34740"
},
{
"name": "53772",
"refsource": "OSVDB",
"url": "http://osvdb.org/53772"
},
{
"name": "ADV-2009-1090",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/1090"
},
{
"name": "http://www.blackberry.com/btsc/dynamickc.do?externalId=KB17969\u0026sliceID=1\u0026command=show\u0026forward=nonthreadedKC\u0026kcId=KB17969",
"refsource": "CONFIRM",
"url": "http://www.blackberry.com/btsc/dynamickc.do?externalId=KB17969\u0026sliceID=1\u0026command=show\u0026forward=nonthreadedKC\u0026kcId=KB17969"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-0307",
"datePublished": "2009-04-22T18:00:00",
"dateReserved": "2009-01-27T00:00:00",
"dateUpdated": "2024-08-07T04:31:25.613Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2009-2646
Vulnerability from cvelistv5
Published
2009-07-30 19:00
Modified
2024-09-16 20:01
Severity ?
EPSS score ?
Summary
Multiple unspecified vulnerabilities in the PDF distiller in the Attachment Service component in Research In Motion (RIM) BlackBerry Enterprise Server (BES) software 4.1.3 through 4.1.6 and BlackBerry Professional Software 4.1.4 allow user-assisted remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted .pdf file attachment, a different vulnerability than CVE-2008-3246 and CVE-2009-0219.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.blackberry.com/btsc/KB17953 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T05:59:56.948Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.blackberry.com/btsc/KB17953"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Multiple unspecified vulnerabilities in the PDF distiller in the Attachment Service component in Research In Motion (RIM) BlackBerry Enterprise Server (BES) software 4.1.3 through 4.1.6 and BlackBerry Professional Software 4.1.4 allow user-assisted remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted .pdf file attachment, a different vulnerability than CVE-2008-3246 and CVE-2009-0219."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2009-07-30T19:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.blackberry.com/btsc/KB17953"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-2646",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple unspecified vulnerabilities in the PDF distiller in the Attachment Service component in Research In Motion (RIM) BlackBerry Enterprise Server (BES) software 4.1.3 through 4.1.6 and BlackBerry Professional Software 4.1.4 allow user-assisted remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted .pdf file attachment, a different vulnerability than CVE-2008-3246 and CVE-2009-0219."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.blackberry.com/btsc/KB17953",
"refsource": "CONFIRM",
"url": "http://www.blackberry.com/btsc/KB17953"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-2646",
"datePublished": "2009-07-30T19:00:00Z",
"dateReserved": "2009-07-30T00:00:00Z",
"dateUpdated": "2024-09-16T20:01:46.004Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2005-4848
Vulnerability from cvelistv5
Published
2007-06-29 18:00
Modified
2024-08-08 00:01
Severity ?
EPSS score ?
Summary
Buffer overflow in the decompression algorithm in Research in Motion BlackBerry Enterprise Server 4.0 SP1 and earlier before 20050607 might allow remote attackers to execute arbitrary code via certain data packets.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.blackberry.com/btsc/articles/669/KB04075_f.SAL_Public.html | x_refsource_CONFIRM | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/35241 | vdb-entry, x_refsource_XF | |
| http://www.vupen.com/english/advisories/2007/2419 | vdb-entry, x_refsource_VUPEN | |
| http://blog2.lemondeinformatique.fr/management_du_si/2006/05/notre_ami_imad_.html | x_refsource_MISC | |
| http://www.lemonde.fr/web/article/0%2C1-0%402-3208%2C36-777732%2C0.html | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:01:23.377Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.blackberry.com/btsc/articles/669/KB04075_f.SAL_Public.html"
},
{
"name": "blackberry-decompression-bo(35241)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35241"
},
{
"name": "ADV-2007-2419",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/2419"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://blog2.lemondeinformatique.fr/management_du_si/2006/05/notre_ami_imad_.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.lemonde.fr/web/article/0%2C1-0%402-3208%2C36-777732%2C0.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-06-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the decompression algorithm in Research in Motion BlackBerry Enterprise Server 4.0 SP1 and earlier before 20050607 might allow remote attackers to execute arbitrary code via certain data packets."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.blackberry.com/btsc/articles/669/KB04075_f.SAL_Public.html"
},
{
"name": "blackberry-decompression-bo(35241)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35241"
},
{
"name": "ADV-2007-2419",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/2419"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://blog2.lemondeinformatique.fr/management_du_si/2006/05/notre_ami_imad_.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.lemonde.fr/web/article/0%2C1-0%402-3208%2C36-777732%2C0.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-4848",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the decompression algorithm in Research in Motion BlackBerry Enterprise Server 4.0 SP1 and earlier before 20050607 might allow remote attackers to execute arbitrary code via certain data packets."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.blackberry.com/btsc/articles/669/KB04075_f.SAL_Public.html",
"refsource": "CONFIRM",
"url": "http://www.blackberry.com/btsc/articles/669/KB04075_f.SAL_Public.html"
},
{
"name": "blackberry-decompression-bo(35241)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35241"
},
{
"name": "ADV-2007-2419",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2419"
},
{
"name": "http://blog2.lemondeinformatique.fr/management_du_si/2006/05/notre_ami_imad_.html",
"refsource": "MISC",
"url": "http://blog2.lemondeinformatique.fr/management_du_si/2006/05/notre_ami_imad_.html"
},
{
"name": "http://www.lemonde.fr/web/article/0,1-0@2-3208,36-777732,0.html",
"refsource": "MISC",
"url": "http://www.lemonde.fr/web/article/0,1-0@2-3208,36-777732,0.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-4848",
"datePublished": "2007-06-29T18:00:00",
"dateReserved": "2007-06-29T00:00:00",
"dateUpdated": "2024-08-08T00:01:23.377Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2009-04-22 18:30
Modified
2024-11-21 00:59
Severity ?
Summary
Cross-site scripting (XSS) vulnerability in the "Customize Statistics Page" (admin/statistics/ConfigureStatistics) in the MDS Connection Service in Research in Motion (RIM) BlackBerry Enterprise Server (BES) before 4.1.6 MR5 allows remote attackers to inject arbitrary web script or HTML via the (1) customDate, (2) interval, (3) lastCustomInterval, (4) lastIntervalLength, (5) nextCustomInterval, (6) nextIntervalLength, (7) action, (8) delIntervalIndex, (9) addStatIndex, (10) delStatIndex, and (11) referenceTime parameters.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| rim | blackberry_enterprise_server | * | |
| rim | blackberry_enterprise_server | 4.0 | |
| rim | blackberry_enterprise_server | 4.0 | |
| rim | blackberry_enterprise_server | 4.0.3 | |
| rim | blackberry_enterprise_server | 4.1 | |
| rim | blackberry_enterprise_server | 4.1 | |
| rim | blackberry_enterprise_server | 4.1.3 | |
| rim | blackberry_enterprise_server | 4.1.4 | |
| rim | blackberry_enterprise_server | 4.1.5 | |
| rim | blackberry_enterprise_server | 4.1.6 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rim:blackberry_enterprise_server:*:mr4:*:*:*:*:*:*",
"matchCriteriaId": "1200C916-4168-49E6-A0F4-665F6A5954F6",
"versionEndIncluding": "4.1.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rim:blackberry_enterprise_server:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B7A2FFD-C840-459C-95C2-92FEDF341D5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rim:blackberry_enterprise_server:4.0:sp3:*:*:*:*:*:*",
"matchCriteriaId": "8E297652-3533-4B2B-BA9E-FDC452BAE650",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rim:blackberry_enterprise_server:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B51FB6C5-1EA2-451E-A89B-9CE5EE3F8626",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rim:blackberry_enterprise_server:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C4ACEF3E-E394-45E2-B20F-8575C92A490F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rim:blackberry_enterprise_server:4.1:sp3:*:*:*:*:*:*",
"matchCriteriaId": "9F71618E-5CB6-41A7-9705-6AD4344CDEA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rim:blackberry_enterprise_server:4.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E4BD344A-EE9C-4ECB-8CB1-35146FD6F056",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rim:blackberry_enterprise_server:4.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B1694E42-9AA5-4503-9714-CBDE388481A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rim:blackberry_enterprise_server:4.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "16F378AF-E25B-4D60-AF7E-9E6FB228BF1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rim:blackberry_enterprise_server:4.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "265D8F90-96C3-4627-ABA5-994C25F70A45",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in the \"Customize Statistics Page\" (admin/statistics/ConfigureStatistics) in the MDS Connection Service in Research in Motion (RIM) BlackBerry Enterprise Server (BES) before 4.1.6 MR5 allows remote attackers to inject arbitrary web script or HTML via the (1) customDate, (2) interval, (3) lastCustomInterval, (4) lastIntervalLength, (5) nextCustomInterval, (6) nextIntervalLength, (7) action, (8) delIntervalIndex, (9) addStatIndex, (10) delStatIndex, and (11) referenceTime parameters."
},
{
"lang": "es",
"value": "Una Vulnerabilidad de tipo Cross-Site Scripting (XSS) en la \"Customize Statistics Page\" (admin/statistics/ConfigureStatistics) en el servicio de conexi\u00f3n MDS en Research in Motion (RIM) BlackBerry Enterprise Server (BES) anterior a versi\u00f3n 4.1.6 MR5 permite a atacantes remotos inyectar script web o HTML arbitrario por medio de los par\u00e1metros (1) customDate, (2) interval, (3) lastCustomInterval, (4) lastIntervalLength, (5) nextCustomInterval, (6) nextIntervalLength, (7) action, (8) delIntervalIndex, (9) addStatIndex, (10) delStatIndex, y (11) referenceTime."
}
],
"id": "CVE-2009-0307",
"lastModified": "2024-11-21T00:59:36.113",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2009-04-22T18:30:00.170",
"references": [
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2009-04/0170.html"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/53772"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34740"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.blackberry.com/btsc/dynamickc.do?externalId=KB17969\u0026sliceID=1\u0026command=show\u0026forward=nonthreadedKC\u0026kcId=KB17969"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/34573"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1022081"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2009/1090"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2009-04/0170.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/53772"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34740"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.blackberry.com/btsc/dynamickc.do?externalId=KB17969\u0026sliceID=1\u0026command=show\u0026forward=nonthreadedKC\u0026kcId=KB17969"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/34573"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1022081"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2009/1090"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-12-31 05:00
Modified
2024-11-20 23:59
Severity ?
Summary
Research in Motion (RIM) BlackBerry Router allows remote attackers to cause a denial of service (communication disruption) via crafted Server Routing Protocol (SRP) packets.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| rim | blackberry_enterprise_server | 4.0 | |
| rim | blackberry_enterprise_server | 4.0_sp1 | |
| rim | blackberry_router | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rim:blackberry_enterprise_server:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B7A2FFD-C840-459C-95C2-92FEDF341D5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rim:blackberry_enterprise_server:4.0_sp1:*:*:*:*:*:*:*",
"matchCriteriaId": "BB5E40FD-5EC5-4D71-8B53-805A7399675D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rim:blackberry_router:*:*:*:*:*:*:*:*",
"matchCriteriaId": "19D60287-6FB4-4F5E-A863-1E092D5F637E",
"versionEndIncluding": "4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Research in Motion (RIM) BlackBerry Router allows remote attackers to cause a denial of service (communication disruption) via crafted Server Routing Protocol (SRP) packets."
}
],
"id": "CVE-2005-2342",
"lastModified": "2024-11-20T23:59:21.030",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-12-31T05:00:00.000",
"references": [
{
"source": "cret@cert.org",
"url": "http://secunia.com/advisories/18277"
},
{
"source": "cret@cert.org",
"url": "http://securitytracker.com/id?1015427"
},
{
"source": "cret@cert.org",
"url": "http://www.blackberry.com/knowledgecenterpublic/livelink.exe/fetch/2000/8021/728075/728850/728215/?nodeid=1167898"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/392920"
},
{
"source": "cret@cert.org",
"url": "http://www.securityfocus.com/bid/16100"
},
{
"source": "cret@cert.org",
"url": "http://www.vupen.com/english/advisories/2006/0011"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/18277"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1015427"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.blackberry.com/knowledgecenterpublic/livelink.exe/fetch/2000/8021/728075/728850/728215/?nodeid=1167898"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/392920"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/16100"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2006/0011"
}
],
"sourceIdentifier": "cret@cert.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-12-31 05:00
Modified
2024-11-20 23:59
Severity ?
Summary
Heap-based buffer overflow in Research in Motion (RIM) BlackBerry Attachment Service allows remote attackers to cause a denial of service (hang) via an e-mail attachment with a crafted TIFF file.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cret@cert.org | http://secunia.com/advisories/18277 | Patch, Vendor Advisory | |
| cret@cert.org | http://securitytracker.com/id?1015426 | Patch | |
| cret@cert.org | http://www.kb.cert.org/vuls/id/570768 | Third Party Advisory, US Government Resource | |
| cret@cert.org | http://www.securityfocus.com/bid/16098 | ||
| cret@cert.org | http://www.vupen.com/english/advisories/2006/0011 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18277 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://securitytracker.com/id?1015426 | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.kb.cert.org/vuls/id/570768 | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/16098 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2006/0011 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| rim | blackberry_attachment_service | * | |
| rim | blackberry_enterprise_server | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rim:blackberry_attachment_service:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6264B96E-29D0-402B-AB80-A553C1F3A561",
"versionEndIncluding": "4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rim:blackberry_enterprise_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "903C5597-9F41-43C3-B311-F551D12339A8",
"versionEndIncluding": "4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in Research in Motion (RIM) BlackBerry Attachment Service allows remote attackers to cause a denial of service (hang) via an e-mail attachment with a crafted TIFF file."
}
],
"id": "CVE-2005-2341",
"lastModified": "2024-11-20T23:59:20.920",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-12-31T05:00:00.000",
"references": [
{
"source": "cret@cert.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18277"
},
{
"source": "cret@cert.org",
"tags": [
"Patch"
],
"url": "http://securitytracker.com/id?1015426"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/570768"
},
{
"source": "cret@cert.org",
"url": "http://www.securityfocus.com/bid/16098"
},
{
"source": "cret@cert.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2006/0011"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18277"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://securitytracker.com/id?1015426"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/570768"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/16098"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2006/0011"
}
],
"sourceIdentifier": "cret@cert.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2009-07-30 19:30
Modified
2024-11-21 01:05
Severity ?
Summary
Multiple unspecified vulnerabilities in the PDF distiller in the Attachment Service component in Research In Motion (RIM) BlackBerry Enterprise Server (BES) software 4.1.3 through 4.1.6 and BlackBerry Professional Software 4.1.4 allow user-assisted remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted .pdf file attachment, a different vulnerability than CVE-2008-3246 and CVE-2009-0219.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.blackberry.com/btsc/KB17953 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.blackberry.com/btsc/KB17953 | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| rim | blackberry_enterprise_server | 4.1 | |
| rim | blackberry_enterprise_server | 4.1 | |
| rim | blackberry_enterprise_server | 4.1 | |
| rim | blackberry_enterprise_server | 4.1 | |
| rim | blackberry_enterprise_server | 4.1.3 | |
| rim | blackberry_enterprise_server | 4.1.4 | |
| rim | blackberry_enterprise_server | 4.1.5 | |
| rim | blackberry_enterprise_server | 4.1.6 | |
| rim | blackberry_enterprise_server | 4.1.6 | |
| rim | blackberry_professional_software | 4.1.4 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rim:blackberry_enterprise_server:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C4ACEF3E-E394-45E2-B20F-8575C92A490F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rim:blackberry_enterprise_server:4.1:sp2:*:*:*:*:*:*",
"matchCriteriaId": "C599BDFD-7985-4709-B7CA-2ED0A4B0F327",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rim:blackberry_enterprise_server:4.1:sp2:domino:*:*:*:*:*",
"matchCriteriaId": "B1CACCFE-8037-4B21-B386-31F8B5981089",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rim:blackberry_enterprise_server:4.1:sp3:*:*:*:*:*:*",
"matchCriteriaId": "9F71618E-5CB6-41A7-9705-6AD4344CDEA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rim:blackberry_enterprise_server:4.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E4BD344A-EE9C-4ECB-8CB1-35146FD6F056",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rim:blackberry_enterprise_server:4.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B1694E42-9AA5-4503-9714-CBDE388481A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rim:blackberry_enterprise_server:4.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "16F378AF-E25B-4D60-AF7E-9E6FB228BF1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rim:blackberry_enterprise_server:4.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "265D8F90-96C3-4627-ABA5-994C25F70A45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rim:blackberry_enterprise_server:4.1.6:mr4:*:*:*:*:*:*",
"matchCriteriaId": "F5A7A6BD-C0D7-40E0-BE1A-EC4396853296",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rim:blackberry_professional_software:4.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "8534B50D-D051-4B26-957E-1A3E26E1E767",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple unspecified vulnerabilities in the PDF distiller in the Attachment Service component in Research In Motion (RIM) BlackBerry Enterprise Server (BES) software 4.1.3 through 4.1.6 and BlackBerry Professional Software 4.1.4 allow user-assisted remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted .pdf file attachment, a different vulnerability than CVE-2008-3246 and CVE-2009-0219."
},
{
"lang": "es",
"value": "Vulnerabilidad m\u00faltiple no especificado en PDF distiller en el componente Attachment Service en Research In Motion (RIM) BlackBerry Enterprise Server (BES) software v4.1.3 hasta v4.1.6 y BlackBerry Professional Software v4.1.4 permite a los atacantes remotos asistidos por usuarios causar una denegaci\u00f3n de memoria(corrupci\u00f3n de memoria) o posiblemente ejecutar arbitrariamente c\u00f3digo a trav\u00e9s de un fichero adjunto .pdf manipulado, una vulnerabilidad diferente a CVE-2008-3246 y CVE-2009-0219."
}
],
"id": "CVE-2009-2646",
"lastModified": "2024-11-21T01:05:23.380",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2009-07-30T19:30:00.360",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.blackberry.com/btsc/KB17953"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.blackberry.com/btsc/KB17953"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2010-12-17 19:00
Modified
2024-11-21 01:16
Severity ?
Summary
Multiple buffer overflows in the PDF distiller component in the BlackBerry Attachment Service in BlackBerry Enterprise Server 5.0.0 through 5.0.2, 4.1.6, and 4.1.7 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PDF document.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| rim | blackberry_enterprise_server | 4.1.6 | |
| rim | blackberry_enterprise_server | 4.1.7 | |
| rim | blackberry_enterprise_server | 5.0.0 | |
| rim | blackberry_enterprise_server | 5.0.1 | |
| rim | blackberry_enterprise_server | 5.0.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rim:blackberry_enterprise_server:4.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "265D8F90-96C3-4627-ABA5-994C25F70A45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rim:blackberry_enterprise_server:4.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "3E00E895-AEEC-406B-9DC2-D01916BB1CCE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rim:blackberry_enterprise_server:5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7EBA5181-F946-4F86-B5DB-07795ACF32D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rim:blackberry_enterprise_server:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "85752BAD-8110-41B4-BAEF-4C97BFDA046A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rim:blackberry_enterprise_server:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "377D4536-5EAC-4F0A-94AD-4D326935A142",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in the PDF distiller component in the BlackBerry Attachment Service in BlackBerry Enterprise Server 5.0.0 through 5.0.2, 4.1.6, and 4.1.7 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PDF document."
},
{
"lang": "es",
"value": "M\u00faltiples desbordamientos de b\u00fafer en el componente PDF Distiller en BlackBerry Attachment Service en BlackBerry Enterprise Server v5.0.0 hasta v5.0.2, v4.1.6, y v4.1.7, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda de aplicaci\u00f3n) o posiblemente la ejecuci\u00f3n de c\u00f3digo de su elecci\u00f3n a trav\u00e9s de un documento PDF manipulado."
}
],
"id": "CVE-2010-2602",
"lastModified": "2024-11-21T01:16:59.173",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2010-12-17T19:00:03.103",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35632"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.blackberry.com/btsc/search.do?cmd=displayKC\u0026docType=kc\u0026externalId=KB24761"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/45392"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1024891"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/3237"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64066"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35632"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.blackberry.com/btsc/search.do?cmd=displayKC\u0026docType=kc\u0026externalId=KB24761"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/45392"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1024891"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/3237"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64066"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-07-21 16:41
Modified
2024-11-21 00:48
Severity ?
Summary
Unspecified vulnerability in the PDF distiller component in the BlackBerry Attachment Service in BlackBerry Unite! 1.0 SP1 (1.0.1) before bundle 36 and BlackBerry Enterprise Server 4.1 SP3 (4.1.3) through 4.1 SP5 (4.1.5) allows user-assisted remote attackers to execute arbitrary code via a crafted PDF file attachment.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| blackberry | enterprise_server | 4.1 | |
| blackberry | enterprise_server | 4.1.3 | |
| blackberry | enterprise_server | 4.1.4 | |
| blackberry | enterprise_server | 4.1.5 | |
| blackberry | unite | 1.0 | |
| blackberry | unite | 1.0.1 | |
| rim | blackberry_enterprise_server | 4.1.3 | |
| rim | blackberry_enterprise_server | 4.1.4 | |
| rim | blackberry_enterprise_server | 4.1.5 | |
| rim | blackberry_enterprise_server_for_domino | * | |
| rim | blackberry_enterprise_server_for_exchange | * | |
| rim | blackberry_enterprise_server_for_novell_groupwise | * | |
| rim | blackberry_unite | 1.0 | |
| rim | blackberry_unite | 1.0.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:blackberry:enterprise_server:4.1:sp3:*:*:*:*:*:*",
"matchCriteriaId": "1B8B0D10-A7DD-4D8A-B994-6A41FD7AA8C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:blackberry:enterprise_server:4.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "014E79FB-0E10-4BEF-9618-F436A6CF3F57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:blackberry:enterprise_server:4.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F7B0D729-6092-4A9C-ADE6-2D770417891F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:blackberry:enterprise_server:4.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "965CD573-84C1-4456-9C28-6FBD9B0596A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:blackberry:unite:1.0:sp1:*:*:*:*:*:*",
"matchCriteriaId": "90B1FF3F-4FF8-409F-B93B-39423FD34CB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:blackberry:unite:1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3D2A93A7-823C-48BF-A421-37524CF8DC68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rim:blackberry_enterprise_server:4.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E4BD344A-EE9C-4ECB-8CB1-35146FD6F056",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rim:blackberry_enterprise_server:4.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B1694E42-9AA5-4503-9714-CBDE388481A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rim:blackberry_enterprise_server:4.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "16F378AF-E25B-4D60-AF7E-9E6FB228BF1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rim:blackberry_enterprise_server_for_domino:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C53C3B7A-7C80-478C-9D69-B9C22D84B48C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rim:blackberry_enterprise_server_for_exchange:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3A3B5350-5796-47F1-B2D1-E8AC86D28C3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rim:blackberry_enterprise_server_for_novell_groupwise:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C218F357-9BA3-48E7-AD07-8E7A7B70ECAC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rim:blackberry_unite:1.0:sp1:*:*:*:*:*:*",
"matchCriteriaId": "BB792C74-CD6A-4903-8D11-59B0393F74CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rim:blackberry_unite:1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3FF3712A-46BB-4DC1-947F-228EEF5DBAB9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the PDF distiller component in the BlackBerry Attachment Service in BlackBerry Unite! 1.0 SP1 (1.0.1) before bundle 36 and BlackBerry Enterprise Server 4.1 SP3 (4.1.3) through 4.1 SP5 (4.1.5) allows user-assisted remote attackers to execute arbitrary code via a crafted PDF file attachment."
},
{
"lang": "es",
"value": "Vulnerabilidad sin especificar en el componente PDF distiller en el BlackBerry Attachment Service en BlackBerry Unite! 1.0 SP1 (1.0.1) anterior a bundle 36 y BlackBerry Enterprise Server 4.1 SP3 (4.1.3) a la v4.1 SP5 (4.1.5), permite atacantes remotos asistidos por el usuario ejecutar c\u00f3digod e su elecci\u00f3n a trav\u00e9s de un fichero PDF adjunto manipulado."
}
],
"id": "CVE-2008-3246",
"lastModified": "2024-11-21T00:48:47.880",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2008-07-21T16:41:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/31092"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/31141"
},
{
"source": "cve@mitre.org",
"url": "http://www.blackberry.com/btsc/articles/635/KB15770_f.SAL_Public.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.blackberry.com/btsc/articles/660/KB15766_f.SAL_Public.html"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/289235"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1020505"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2008/2108/references"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43840"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43843"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/31092"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/31141"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.blackberry.com/btsc/articles/635/KB15770_f.SAL_Public.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.blackberry.com/btsc/articles/660/KB15766_f.SAL_Public.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/289235"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1020505"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/2108/references"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43840"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43843"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-94"
},
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2009-07-28 19:30
Modified
2024-11-21 01:05
Severity ?
Summary
Multiple unspecified vulnerabilities in the PDF distiller in the Attachment Service component in Research In Motion (RIM) BlackBerry Enterprise Server (BES) software 4.1.3 through 5.0 and BlackBerry Professional Software 4.1.4 allow user-assisted remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted .pdf file attachment, a different vulnerability than CVE-2008-3246 and CVE-2009-0219.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| rim | blackberry_enterprise_server | 4.1.3 | |
| rim | blackberry_enterprise_server | 4.1.4 | |
| rim | blackberry_enterprise_server | 4.1.5 | |
| rim | blackberry_enterprise_server | 4.1.6 | |
| rim | blackberry_enterprise_server | 4.1.6 | |
| rim | blackberry_enterprise_server | 5.0 | |
| rim | blackberry_professional_software | 4.1.4 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rim:blackberry_enterprise_server:4.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E4BD344A-EE9C-4ECB-8CB1-35146FD6F056",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rim:blackberry_enterprise_server:4.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B1694E42-9AA5-4503-9714-CBDE388481A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rim:blackberry_enterprise_server:4.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "16F378AF-E25B-4D60-AF7E-9E6FB228BF1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rim:blackberry_enterprise_server:4.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "265D8F90-96C3-4627-ABA5-994C25F70A45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rim:blackberry_enterprise_server:4.1.6:mr4:*:*:*:*:*:*",
"matchCriteriaId": "F5A7A6BD-C0D7-40E0-BE1A-EC4396853296",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rim:blackberry_enterprise_server:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "277BF68B-8280-4B2B-9A67-F13341253D88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rim:blackberry_professional_software:4.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "8534B50D-D051-4B26-957E-1A3E26E1E767",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple unspecified vulnerabilities in the PDF distiller in the Attachment Service component in Research In Motion (RIM) BlackBerry Enterprise Server (BES) software 4.1.3 through 5.0 and BlackBerry Professional Software 4.1.4 allow user-assisted remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted .pdf file attachment, a different vulnerability than CVE-2008-3246 and CVE-2009-0219."
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades sin especificar en el componente PDF distiller en el Attachment Service en Research In Motion (RIM) BlackBerry Enterprise Server (BES) v4.1.3 a la v5.0 y BlackBerry Professional Software v4.1.4, permite a atacantes remotos asistidos por el usuario provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) o posiblemente la ejecuci\u00f3n de c\u00f3digo de su elecci\u00f3n a trav\u00e9s de un adjunto con un archivo .pdf. Vulnerabilidad distinta de CVE-2008-3246 y CVE-2009-0219."
}
],
"id": "CVE-2009-2643",
"lastModified": "2024-11-21T01:05:23.037",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2009-07-28T19:30:00.437",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35254"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.blackberry.com/btsc/KB18327"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/54767"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/35102"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1022295"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/1429"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50755"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35254"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.blackberry.com/btsc/KB18327"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/54767"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/35102"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1022295"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/1429"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50755"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-12-31 05:00
Modified
2024-11-20 23:59
Severity ?
Summary
The BlackBerry Attachment Service in Research in Motion (RIM) BlackBerry Enterprise Server (BES) 4.0 to version 4.0 Service Pack 2 allows attackers to cause a denial of service via a malformed Portable Network Graphics (PNG) file that triggers a heap-based buffer overflow.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| rim | blackberry_enterprise_server | 4.0 | |
| rim | blackberry_enterprise_server | 4.0_sp1 | |
| rim | blackberry_enterprise_server | 4.0_sp2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rim:blackberry_enterprise_server:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B7A2FFD-C840-459C-95C2-92FEDF341D5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rim:blackberry_enterprise_server:4.0_sp1:*:*:*:*:*:*:*",
"matchCriteriaId": "BB5E40FD-5EC5-4D71-8B53-805A7399675D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rim:blackberry_enterprise_server:4.0_sp2:*:*:*:*:*:*:*",
"matchCriteriaId": "50F49149-8B10-4C98-AD6F-066CD05FB637",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The BlackBerry Attachment Service in Research in Motion (RIM) BlackBerry Enterprise Server (BES) 4.0 to version 4.0 Service Pack 2 allows attackers to cause a denial of service via a malformed Portable Network Graphics (PNG) file that triggers a heap-based buffer overflow."
}
],
"id": "CVE-2005-2344",
"lastModified": "2024-11-20T23:59:21.247",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-12-31T05:00:00.000",
"references": [
{
"source": "cret@cert.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18393"
},
{
"source": "cret@cert.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.blackberry.com/knowledgecenterpublic/livelink.exe/fetch/2000/8021/728075/728850/728215/?nodeid=1167794"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/646976"
},
{
"source": "cret@cert.org",
"url": "http://www.securityfocus.com/bid/16204"
},
{
"source": "cret@cert.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2006/0127"
},
{
"source": "cret@cert.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24063"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18393"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.blackberry.com/knowledgecenterpublic/livelink.exe/fetch/2000/8021/728075/728850/728215/?nodeid=1167794"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/646976"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/16204"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2006/0127"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24063"
}
],
"sourceIdentifier": "cret@cert.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2010-04-21 14:30
Modified
2024-11-21 01:10
Severity ?
Summary
Multiple unspecified vulnerabilities in the PDF distiller in the Attachment Service component in Research In Motion (RIM) BlackBerry Enterprise Server (BES) software 4.1.3 through 4.1.7 and 5.0.0, and BlackBerry Professional Software 4.1.4, allow user-assisted remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted .pdf file attachment, a different vulnerability than CVE-2008-3246, CVE-2009-0176, CVE-2009-0219, CVE-2009-2643, and CVE-2009-2646.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| rim | blackberry_enterprise_server | 4.1.3 | |
| rim | blackberry_enterprise_server | 4.1.4 | |
| rim | blackberry_enterprise_server | 4.1.5 | |
| rim | blackberry_enterprise_server | 4.1.6 | |
| rim | blackberry_enterprise_server | 4.1.7 | |
| rim | blackberry_enterprise_server | 5.0.0 | |
| rim | blackberry_professional_software | 4.1.4 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rim:blackberry_enterprise_server:4.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E4BD344A-EE9C-4ECB-8CB1-35146FD6F056",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rim:blackberry_enterprise_server:4.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B1694E42-9AA5-4503-9714-CBDE388481A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rim:blackberry_enterprise_server:4.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "16F378AF-E25B-4D60-AF7E-9E6FB228BF1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rim:blackberry_enterprise_server:4.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "265D8F90-96C3-4627-ABA5-994C25F70A45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rim:blackberry_enterprise_server:4.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "3E00E895-AEEC-406B-9DC2-D01916BB1CCE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rim:blackberry_enterprise_server:5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7EBA5181-F946-4F86-B5DB-07795ACF32D9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rim:blackberry_professional_software:4.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "8534B50D-D051-4B26-957E-1A3E26E1E767",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple unspecified vulnerabilities in the PDF distiller in the Attachment Service component in Research In Motion (RIM) BlackBerry Enterprise Server (BES) software 4.1.3 through 4.1.7 and 5.0.0, and BlackBerry Professional Software 4.1.4, allow user-assisted remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted .pdf file attachment, a different vulnerability than CVE-2008-3246, CVE-2009-0176, CVE-2009-0219, CVE-2009-2643, and CVE-2009-2646."
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades no especificadas en PDF distiller en el componente Attachment Service en Research In Motion (RIM) BlackBerry Enterprise Server (BES) software v4.1.3 hasta v4.1.7 y v5.0.0, y BlackBerry Professional Software v4.1.4, permite a atacantes remotos asistidos por usuarios causar una denegaci\u00f3n de servicio (ca\u00edda de memoria) o probablemente ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de un fichero adjunto .pdf manipulado, una vulnerabilidad diferente que CVE-2008-3246, CVE-2009-0176, CVE-2009-0219, CVE-2009-2643, and CVE-2009-2646."
}
],
"evaluatorImpact": "Per: http://www.blackberry.com/btsc/search.do?cmd=displayKC\u0026docType=kc\u0026externalId=KB19860\r\n\r\n\u0027These vulnerabilities could enable a malicious individual to send an email message containing a specially crafted PDF file, which when opened for viewing on a BlackBerry smartphone that is associated with a user account on a BlackBerry Enterprise Server, could cause memory corruption and possibly lead to a Denial of Service (DoS) condition or arbitrary code execution on the computer that hosts the BlackBerry Attachment Service component of that BlackBerry Enterprise Server.\u0027",
"id": "CVE-2009-4778",
"lastModified": "2024-11-21T01:10:25.940",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2010-04-21T14:30:00.647",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/37562"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.blackberry.com/btsc/KB19860"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/37167"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1023258"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/3372"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/37562"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.blackberry.com/btsc/KB19860"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/37167"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1023258"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/3372"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-06-28 20:30
Modified
2024-11-21 00:33
Severity ?
Summary
Research in Motion BlackBerry Enterprise Server 4.0 through 4.1 has a default configuration that permits installation of arbitrary third-party applications on BlackBerry devices, which might facilitate loading of malware.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| rim | blackberry_enterprise_server | 4.0 | |
| rim | blackberry_enterprise_server | 4.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rim:blackberry_enterprise_server:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B7A2FFD-C840-459C-95C2-92FEDF341D5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rim:blackberry_enterprise_server:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C4ACEF3E-E394-45E2-B20F-8575C92A490F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Research in Motion BlackBerry Enterprise Server 4.0 through 4.1 has a default configuration that permits installation of arbitrary third-party applications on BlackBerry devices, which might facilitate loading of malware."
},
{
"lang": "es",
"value": "Research en Motion BlackBerry Enterprise Server 4.0 hasta 4.1 tiene una configuraci\u00f3n por defecto que permite la instalaci\u00f3n de aplicaciones arbitrarias de terceros en dispositivos BlackBerry, lo cual podr\u00eda facilitar la carga de malware."
}
],
"id": "CVE-2007-3483",
"lastModified": "2024-11-21T00:33:21.313",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-06-28T20:30:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.blackberry.com/btsc/articles/968/KB05499_f.SAL_Public.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.praetoriang.net/presentations/blackjack.html"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35442"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.blackberry.com/btsc/articles/968/KB05499_f.SAL_Public.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.praetoriang.net/presentations/blackjack.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35442"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2011-07-14 23:55
Modified
2024-11-21 01:23
Severity ?
Summary
Unspecified vulnerability in the BlackBerry Administration API in Research In Motion (RIM) BlackBerry Enterprise Server (BES) software 5.0.1 through 5.0.3, and BlackBerry Enterprise Server Express software 5.0.1 through 5.0.3, allows remote attackers to read text files or cause a denial of service via unknown vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| rim | blackberry_enterprise_server | 5.0.1 | |
| rim | blackberry_enterprise_server | 5.0.2 | |
| rim | blackberry_enterprise_server | 5.0.3 | |
| rim | blackberry_enterprise_server_express | 5.0.1 | |
| rim | blackberry_enterprise_server_express | 5.0.2 | |
| rim | blackberry_enterprise_server_express | 5.0.3 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rim:blackberry_enterprise_server:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "85752BAD-8110-41B4-BAEF-4C97BFDA046A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rim:blackberry_enterprise_server:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "377D4536-5EAC-4F0A-94AD-4D326935A142",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rim:blackberry_enterprise_server:5.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "11FF9320-7C94-4700-81A8-E7D7694EB97D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rim:blackberry_enterprise_server_express:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "079D4AE1-AA56-4169-8073-E665452A0BF1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rim:blackberry_enterprise_server_express:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4D861AF4-F293-40D9-BFA9-1EECBDFA8253",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rim:blackberry_enterprise_server_express:5.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "ABCBE102-EECD-428A-825A-00E4A9159D20",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the BlackBerry Administration API in Research In Motion (RIM) BlackBerry Enterprise Server (BES) software 5.0.1 through 5.0.3, and BlackBerry Enterprise Server Express software 5.0.1 through 5.0.3, allows remote attackers to read text files or cause a denial of service via unknown vectors."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en la API de BlackBerry Administration en Research In Motion (RIM) BlackBerry Enterprise Server (BES) en v5.0.1 hasta v5.0.3, y BlackBerry Enterprise Server Express v5.0.1 hasta v5.0.3, permite a atacantes remotos leer archivos de texto o causar una denegaci\u00f3n de servicio a trav\u00e9s de vectores desconocidos."
}
],
"id": "CVE-2011-0287",
"lastModified": "2024-11-21T01:23:42.970",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2011-07-14T23:55:02.053",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/45242"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.blackberry.com/btsc/KB27258"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/48655"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/45242"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.blackberry.com/btsc/KB27258"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/48655"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2011-04-18 18:55
Modified
2024-11-21 01:23
Severity ?
Summary
Cross-site scripting (XSS) vulnerability in webdesktop/app in the BlackBerry Web Desktop Manager component in Research In Motion (RIM) BlackBerry Enterprise Server (BES) software before 5.0.2 MR5 and 5.0.3 before MR1, and BlackBerry Enterprise Server Express software 5.0.1 and 5.0.2, allows remote attackers to inject arbitrary web script or HTML via the displayErrorMessage parameter in a ManageDevices action.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| rim | blackberry_enterprise_server | 5.0.0 | |
| rim | blackberry_enterprise_server | 5.0.1 | |
| rim | blackberry_enterprise_server | 5.0.2 | |
| rim | blackberry_enterprise_server | 5.0.3 | |
| rim | blackberry_enterprise_server_express | 5.0.1 | |
| rim | blackberry_enterprise_server_express | 5.0.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rim:blackberry_enterprise_server:5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7EBA5181-F946-4F86-B5DB-07795ACF32D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rim:blackberry_enterprise_server:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "85752BAD-8110-41B4-BAEF-4C97BFDA046A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rim:blackberry_enterprise_server:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "377D4536-5EAC-4F0A-94AD-4D326935A142",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rim:blackberry_enterprise_server:5.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "11FF9320-7C94-4700-81A8-E7D7694EB97D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rim:blackberry_enterprise_server_express:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "079D4AE1-AA56-4169-8073-E665452A0BF1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rim:blackberry_enterprise_server_express:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4D861AF4-F293-40D9-BFA9-1EECBDFA8253",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in webdesktop/app in the BlackBerry Web Desktop Manager component in Research In Motion (RIM) BlackBerry Enterprise Server (BES) software before 5.0.2 MR5 and 5.0.3 before MR1, and BlackBerry Enterprise Server Express software 5.0.1 and 5.0.2, allows remote attackers to inject arbitrary web script or HTML via the displayErrorMessage parameter in a ManageDevices action."
},
{
"lang": "es",
"value": "Vulnerabilidad de ejecuci\u00f3n de secuencias de comandos en sitios cruzados (XSS) en webdesktop/app en el componente BlackBerry Web Desktop Manager en el software Research In Motion (RIM) BlackBerry Enterprise Server (BES) anterior a v5.0.2 MR5 y v5.0.3 anterior a MR1,y el software BlackBerry Enterprise Server Express v5.0.1 y v5.0.2, permite a atacantes remotos inyectar script o HTML de su elecci\u00f3n a trav\u00e9s del par\u00e1metro displayErrorMessage en una acci\u00f3n ManageDevices."
}
],
"id": "CVE-2011-0286",
"lastModified": "2024-11-21T01:23:42.813",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2011-04-18T18:55:00.877",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/44183"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1025356"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.blackberry.com/btsc/KB26296"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.cybsec.com/vuln/CYBSEC_Advisory_2011_0401_Cross_Site_Scripting_XSS_in_Blackberry_WebDesktop.pdf"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/47324"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2011/0971"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/44183"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1025356"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.blackberry.com/btsc/KB26296"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.cybsec.com/vuln/CYBSEC_Advisory_2011_0401_Cross_Site_Scripting_XSS_in_Blackberry_WebDesktop.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/47324"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2011/0971"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2006-10-25 10:07
Modified
2024-11-21 00:19
Severity ?
Summary
Research in Motion (RIM) BlackBerry Enterprise Server 4.1 SP2 before Hotfix 1 for IBM Lotus Domino might allow attackers with meeting organizer privileges to cause a denial of service (application hang) via a deleted recurrent meeting instance when changing the attendee's calendar meeting time.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| rim | blackberry_enterprise_server | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rim:blackberry_enterprise_server:*:*:domino:*:*:*:*:*",
"matchCriteriaId": "228A0AB8-A0C4-48DB-8450-45CEAAEC098F",
"versionEndIncluding": "4.1_sp2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Research in Motion (RIM) BlackBerry Enterprise Server 4.1 SP2 before Hotfix 1 for IBM Lotus Domino might allow attackers with meeting organizer privileges to cause a denial of service (application hang) via a deleted recurrent meeting instance when changing the attendee\u0027s calendar meeting time."
},
{
"lang": "es",
"value": "Investigaciones sobre el Motion (RIM) BlackBerry Enterprise Server 4.1 SP2 anterior al Hotfix 1 para IBM Lotus Domino pueden permitir a atacantes remotos, con privilegios de organizador de eventos, causar la denegaci\u00f3n de servicio (colgar la aplicaci\u00f3n) a trav\u00e9s del borrado de una convocatoria de reuni\u00f3n peri\u00f3dica cuando cambian la hora de encuentro en el calendario de los asistentes."
}
],
"id": "CVE-2006-5489",
"lastModified": "2024-11-21T00:19:26.127",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-10-25T10:07:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/22408"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1017101"
},
{
"source": "cve@mitre.org",
"url": "http://www.blackberry.com/knowledgecenterpublic/livelink.exe/4.1.2_HF1_Release_Notes?func=doc.Fetch\u0026nodeId=1276788"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/29897"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2006/4133"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29678"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/22408"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1017101"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.blackberry.com/knowledgecenterpublic/livelink.exe/4.1.2_HF1_Release_Notes?func=doc.Fetch\u0026nodeId=1276788"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/29897"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2006/4133"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29678"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-12-31 05:00
Modified
2024-11-21 00:05
Severity ?
Summary
Buffer overflow in the decompression algorithm in Research in Motion BlackBerry Enterprise Server 4.0 SP1 and earlier before 20050607 might allow remote attackers to execute arbitrary code via certain data packets.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| rim | blackberry_enterprise_server | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rim:blackberry_enterprise_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0ED991EC-403D-4C33-A1C8-C494684C2997",
"versionEndIncluding": "4.0_sp1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the decompression algorithm in Research in Motion BlackBerry Enterprise Server 4.0 SP1 and earlier before 20050607 might allow remote attackers to execute arbitrary code via certain data packets."
}
],
"id": "CVE-2005-4848",
"lastModified": "2024-11-21T00:05:19.603",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-12-31T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://blog2.lemondeinformatique.fr/management_du_si/2006/05/notre_ami_imad_.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.blackberry.com/btsc/articles/669/KB04075_f.SAL_Public.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.lemonde.fr/web/article/0%2C1-0%402-3208%2C36-777732%2C0.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/2419"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35241"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://blog2.lemondeinformatique.fr/management_du_si/2006/05/notre_ami_imad_.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.blackberry.com/btsc/articles/669/KB04075_f.SAL_Public.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.lemonde.fr/web/article/0%2C1-0%402-3208%2C36-777732%2C0.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/2419"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35241"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2011-10-21 10:55
Modified
2024-11-21 01:23
Severity ?
Summary
The BlackBerry Collaboration Service in Research In Motion (RIM) BlackBerry Enterprise Server (BES) 5.0.3 through MR4 for Microsoft Exchange and Lotus Domino allows remote authenticated users to log into arbitrary user accounts associated with the same organization, and send messages, read messages, read contact lists, or cause a denial of service (login unavailability), via unspecified vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| rim | blackberry_enterprise_server | 5.0.3 | |
| lotus | domino | * | |
| microsoft | exchange_server | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rim:blackberry_enterprise_server:5.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "11FF9320-7C94-4700-81A8-E7D7694EB97D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:lotus:domino:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EB1DDF69-2820-4ADA-BB83-1E9704AF3CC6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:microsoft:exchange_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "261FB692-DD0F-494F-A25A-AFCC00BE4585",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The BlackBerry Collaboration Service in Research In Motion (RIM) BlackBerry Enterprise Server (BES) 5.0.3 through MR4 for Microsoft Exchange and Lotus Domino allows remote authenticated users to log into arbitrary user accounts associated with the same organization, and send messages, read messages, read contact lists, or cause a denial of service (login unavailability), via unspecified vectors."
},
{
"lang": "es",
"value": "BlackBerry Collaboration Service en Research In Motion (RIM) BlackBerry Enterprise Server (BES) v5.0.3 a trav\u00e9s de MR4 para Microsoft Exchange y Lotus Domino permite, a usuarios remotos autenticados, a acceder a cuentas de usuario de su elecci\u00f3n asociados con la misma organizaci\u00f3n, y enviar mensajes, leer los mensajes, leer las listas de contactos o causar una denegaci\u00f3n de servicio (indisponibilidad de inicio de sesi\u00f3n), a trav\u00e9s de vectores no especificados."
}
],
"id": "CVE-2011-0290",
"lastModified": "2024-11-21T01:23:43.120",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2011-10-21T10:55:03.757",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/46370"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1026179"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://www.blackberry.com/btsc/KB28524"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/76286"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/50064"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/70519"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/46370"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1026179"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://www.blackberry.com/btsc/KB28524"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/76286"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/50064"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/70519"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2006-02-18 02:02
Modified
2024-11-21 00:07
Severity ?
Summary
Buffer overflow in BlackBerry Attachment Service in Research in Motion (RIM) BlackBerry Enterprise Server 2.2 and 4.0 before SP3 Hotfix 4 for IBM Lotus Domino, 3.6 before SP7 and 5.0 before SP3 Hotfix 3 for Microsoft Exchangem, and 4.0 for Novell GroupWise before SP3 Hotfix 1 might allow user-assisted remote attackers to execute arbitrary code on the server via a crafted Microsoft Word document that is opened on a wireless device.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| rim | blackberry_enterprise_server | 2.2 | |
| rim | blackberry_enterprise_server | 2.2_sp2 | |
| rim | blackberry_enterprise_server | 2.2_sp2a | |
| rim | blackberry_enterprise_server | 2.2_sp3a | |
| rim | blackberry_enterprise_server | 2.2_sp4 | |
| rim | blackberry_enterprise_server | 2.2_sp4_hotfix2 | |
| rim | blackberry_enterprise_server | 3.6 | |
| rim | blackberry_enterprise_server | 3.6.1 | |
| rim | blackberry_enterprise_server | 3.6_sp1a | |
| rim | blackberry_enterprise_server | 3.6_sp4_hotfix2 | |
| rim | blackberry_enterprise_server | 4.0 | |
| rim | blackberry_enterprise_server | 4.0 | |
| rim | blackberry_enterprise_server | 4.0_sp1 | |
| rim | blackberry_enterprise_server | 4.0_sp1 | |
| rim | blackberry_enterprise_server | 4.0_sp2 | |
| rim | blackberry_enterprise_server | 4.0_sp2 | |
| rim | blackberry_enterprise_server | 4.0_sp3 | |
| rim | blackberry_enterprise_server | 4.0_sp3 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rim:blackberry_enterprise_server:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D89945C2-883A-4388-8EEB-52C774397A8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rim:blackberry_enterprise_server:2.2_sp2:*:*:*:*:*:*:*",
"matchCriteriaId": "D448BA87-13CB-461E-B5FB-7A25617E2727",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rim:blackberry_enterprise_server:2.2_sp2a:*:*:*:*:*:*:*",
"matchCriteriaId": "B49A5797-A1D8-4EBE-B245-7C5D8DE202CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rim:blackberry_enterprise_server:2.2_sp3a:*:*:*:*:*:*:*",
"matchCriteriaId": "5E87805B-85B0-4004-BE3C-BD6A606603DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rim:blackberry_enterprise_server:2.2_sp4:*:*:*:*:*:*:*",
"matchCriteriaId": "66E80C5A-50B5-4AB8-B3C5-9EDC1CE6D691",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rim:blackberry_enterprise_server:2.2_sp4_hotfix2:*:*:*:*:*:*:*",
"matchCriteriaId": "48F8FB3C-3C4D-445C-9698-F909857CE060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rim:blackberry_enterprise_server:3.6:*:exchange:*:*:*:*:*",
"matchCriteriaId": "B1FCB859-6D34-4D25-81A4-C7A190796353",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rim:blackberry_enterprise_server:3.6.1:*:exchange:*:*:*:*:*",
"matchCriteriaId": "6D72EF02-AC31-49CA-B941-9A3EE3681DFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rim:blackberry_enterprise_server:3.6_sp1a:*:exchange:*:*:*:*:*",
"matchCriteriaId": "2D6C3AC1-728C-4C41-A51E-845FC97C9304",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rim:blackberry_enterprise_server:3.6_sp4_hotfix2:*:exchange:*:*:*:*:*",
"matchCriteriaId": "41C4E2AB-E445-4AEE-8A80-DEDBF58969A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rim:blackberry_enterprise_server:4.0:*:domino:*:*:*:*:*",
"matchCriteriaId": "0F464E52-6DF6-4F88-BA5A-1D04C945E892",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rim:blackberry_enterprise_server:4.0:*:novell_groupwise:*:*:*:*:*",
"matchCriteriaId": "D4B64528-A373-4BA4-8C00-1E1FC41D8FA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rim:blackberry_enterprise_server:4.0_sp1:*:domino:*:*:*:*:*",
"matchCriteriaId": "7DE7336D-D9F6-45EC-9C11-6E999A15AC3E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rim:blackberry_enterprise_server:4.0_sp1:*:novell_groupwise:*:*:*:*:*",
"matchCriteriaId": "2C1BE106-EB0E-473D-8700-D4B4837B6D61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rim:blackberry_enterprise_server:4.0_sp2:*:domino:*:*:*:*:*",
"matchCriteriaId": "80FA8083-7E9B-45B6-A77E-8B84F5E99A05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rim:blackberry_enterprise_server:4.0_sp2:*:novell_groupwise:*:*:*:*:*",
"matchCriteriaId": "082140AD-602C-4E0F-8F9A-DD8CC5AEE7DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rim:blackberry_enterprise_server:4.0_sp3:*:domino:*:*:*:*:*",
"matchCriteriaId": "31BD0BCD-D3FF-4C36-86C9-13715AD6789A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rim:blackberry_enterprise_server:4.0_sp3:*:novell_groupwise:*:*:*:*:*",
"matchCriteriaId": "1465EC3C-2CC0-46B1-A05F-C579E6C656FD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in BlackBerry Attachment Service in Research in Motion (RIM) BlackBerry Enterprise Server 2.2 and 4.0 before SP3 Hotfix 4 for IBM Lotus Domino, 3.6 before SP7 and 5.0 before SP3 Hotfix 3 for Microsoft Exchangem, and 4.0 for Novell GroupWise before SP3 Hotfix 1 might allow user-assisted remote attackers to execute arbitrary code on the server via a crafted Microsoft Word document that is opened on a wireless device."
}
],
"id": "CVE-2006-0761",
"lastModified": "2024-11-21T00:07:16.743",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 4.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2006-02-18T02:02:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.blackberry.com/knowledgecenterpublic/livelink.exe/fetch/2000/8021/8149/8052/Support_-_Corrupt_Word_file_may_cause_buffer_overflow_in_the_BlackBerry_Attachment_Service.html?nodeid=1181753\u0026vernum=2"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/424728/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/16590"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2006/0530"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24629"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.blackberry.com/knowledgecenterpublic/livelink.exe/fetch/2000/8021/8149/8052/Support_-_Corrupt_Word_file_may_cause_buffer_overflow_in_the_BlackBerry_Attachment_Service.html?nodeid=1181753\u0026vernum=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/424728/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/16590"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2006/0530"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24629"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2011-01-13 01:00
Modified
2024-11-21 01:16
Severity ?
Summary
Multiple buffer overflows in the PDF Distiller in the BlackBerry Attachment Service component in Research In Motion (RIM) BlackBerry Enterprise Server 4.1.3 through 5.0.2, and Enterprise Server Express 5.0.1 and 5.0.2, allow remote attackers to execute arbitrary code via a crafted PDF file.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| rim | blackberry_enterprise_server | 4.1.3 | |
| rim | blackberry_enterprise_server | 4.1.4 | |
| rim | blackberry_enterprise_server | 4.1.5 | |
| rim | blackberry_enterprise_server | 4.1.6 | |
| rim | blackberry_enterprise_server | 4.1.6 | |
| rim | blackberry_enterprise_server | 4.1.7 | |
| rim | blackberry_enterprise_server | 5.0.0 | |
| rim | blackberry_enterprise_server | 5.0.1 | |
| rim | blackberry_enterprise_server | 5.0.2 | |
| rim | blackberry_enterprise_server_express | 5.0.1 | |
| rim | blackberry_enterprise_server_express | 5.0.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rim:blackberry_enterprise_server:4.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E4BD344A-EE9C-4ECB-8CB1-35146FD6F056",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rim:blackberry_enterprise_server:4.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B1694E42-9AA5-4503-9714-CBDE388481A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rim:blackberry_enterprise_server:4.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "16F378AF-E25B-4D60-AF7E-9E6FB228BF1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rim:blackberry_enterprise_server:4.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "265D8F90-96C3-4627-ABA5-994C25F70A45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rim:blackberry_enterprise_server:4.1.6:mr4:*:*:*:*:*:*",
"matchCriteriaId": "F5A7A6BD-C0D7-40E0-BE1A-EC4396853296",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rim:blackberry_enterprise_server:4.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "3E00E895-AEEC-406B-9DC2-D01916BB1CCE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rim:blackberry_enterprise_server:5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7EBA5181-F946-4F86-B5DB-07795ACF32D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rim:blackberry_enterprise_server:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "85752BAD-8110-41B4-BAEF-4C97BFDA046A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rim:blackberry_enterprise_server:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "377D4536-5EAC-4F0A-94AD-4D326935A142",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rim:blackberry_enterprise_server_express:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "079D4AE1-AA56-4169-8073-E665452A0BF1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rim:blackberry_enterprise_server_express:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4D861AF4-F293-40D9-BFA9-1EECBDFA8253",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in the PDF Distiller in the BlackBerry Attachment Service component in Research In Motion (RIM) BlackBerry Enterprise Server 4.1.3 through 5.0.2, and Enterprise Server Express 5.0.1 and 5.0.2, allow remote attackers to execute arbitrary code via a crafted PDF file."
},
{
"lang": "es",
"value": "M\u00faltiples desbordamientos de b\u00fafer en PDF Distiller en el componente de BlackBerry Attachment Service de Research In Motion (RIM) BlackBerry Enterprise Server v4.1.3 hasta v5.0.2, y Enterprise Server Express v5.0.1 y v5.0.2, permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de un archivo PDF manipulado."
}
],
"id": "CVE-2010-2604",
"lastModified": "2024-11-21T01:16:59.467",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2011-01-13T01:00:01.553",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/70393"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/42882"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.blackberry.com/btsc/KB25382"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/45753"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1024953"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2011/0081"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64621"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/70393"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/42882"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.blackberry.com/btsc/KB25382"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/45753"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1024953"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2011/0081"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64621"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2010-10-14 18:00
Modified
2024-11-21 01:16
Severity ?
Summary
Multiple buffer overflows in the PDF distiller in the Attachment Service component in Research In Motion (RIM) BlackBerry Enterprise Server (BES) software 4.1.7 and earlier and 5.0.0 through 5.0.2, and BlackBerry Professional Software 4.1.4 and earlier, allow user-assisted remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted PDF document.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://blackberry.com/btsc/KB24547 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://blackberry.com/btsc/KB24547 | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| rim | blackberry_enterprise_server | * | |
| rim | blackberry_enterprise_server | 2.2 | |
| rim | blackberry_enterprise_server | 3.6 | |
| rim | blackberry_enterprise_server | 3.6.1 | |
| rim | blackberry_enterprise_server | 4.0 | |
| rim | blackberry_enterprise_server | 4.0 | |
| rim | blackberry_enterprise_server | 4.0.3 | |
| rim | blackberry_enterprise_server | 4.1 | |
| rim | blackberry_enterprise_server | 4.1.3 | |
| rim | blackberry_enterprise_server | 4.1.4 | |
| rim | blackberry_enterprise_server | 4.1.5 | |
| rim | blackberry_enterprise_server | 4.1.6 | |
| rim | blackberry_enterprise_server | 4.1.6 | |
| rim | blackberry_enterprise_server | 5.0.0 | |
| rim | blackberry_enterprise_server | 5.0.1 | |
| rim | blackberry_enterprise_server | 5.0.2 | |
| rim | blackberry_professional_software | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rim:blackberry_enterprise_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "72D28D57-8427-43D0-805C-C3D5040E9B57",
"versionEndIncluding": "4.1.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rim:blackberry_enterprise_server:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D89945C2-883A-4388-8EEB-52C774397A8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rim:blackberry_enterprise_server:3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "41EEFB40-C1E6-472A-BA67-94FDDCFC5A16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rim:blackberry_enterprise_server:3.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A0A85E46-714C-40C6-9128-22D392FD7442",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rim:blackberry_enterprise_server:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B7A2FFD-C840-459C-95C2-92FEDF341D5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rim:blackberry_enterprise_server:4.0:sp3:*:*:*:*:*:*",
"matchCriteriaId": "8E297652-3533-4B2B-BA9E-FDC452BAE650",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rim:blackberry_enterprise_server:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B51FB6C5-1EA2-451E-A89B-9CE5EE3F8626",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rim:blackberry_enterprise_server:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C4ACEF3E-E394-45E2-B20F-8575C92A490F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rim:blackberry_enterprise_server:4.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E4BD344A-EE9C-4ECB-8CB1-35146FD6F056",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rim:blackberry_enterprise_server:4.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B1694E42-9AA5-4503-9714-CBDE388481A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rim:blackberry_enterprise_server:4.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "16F378AF-E25B-4D60-AF7E-9E6FB228BF1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rim:blackberry_enterprise_server:4.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "265D8F90-96C3-4627-ABA5-994C25F70A45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rim:blackberry_enterprise_server:4.1.6:mr4:*:*:*:*:*:*",
"matchCriteriaId": "F5A7A6BD-C0D7-40E0-BE1A-EC4396853296",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rim:blackberry_enterprise_server:5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7EBA5181-F946-4F86-B5DB-07795ACF32D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rim:blackberry_enterprise_server:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "85752BAD-8110-41B4-BAEF-4C97BFDA046A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rim:blackberry_enterprise_server:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "377D4536-5EAC-4F0A-94AD-4D326935A142",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rim:blackberry_professional_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B46C310F-5BC8-4F7B-92A0-35098A3A6AE0",
"versionEndIncluding": "4.1.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in the PDF distiller in the Attachment Service component in Research In Motion (RIM) BlackBerry Enterprise Server (BES) software 4.1.7 and earlier and 5.0.0 through 5.0.2, and BlackBerry Professional Software 4.1.4 and earlier, allow user-assisted remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted PDF document."
},
{
"lang": "es",
"value": "M\u00faltiples desbordamientos de b\u00fafer en PDF distiller en el componente Attachment Service en Research In Motion (RIM) BlackBerry Enterprise Server (BES) software v4.1.7 and earlier y v5.0.0 hasta v5.0.2, y BlackBerry Professional Software v4.1.4 and earlier, permite a atacantse asistidos por usuarios remotos causar una denegacion de servicio y probablemente ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de un documento PDF manipulado. \r\n\r\n\r\n"
}
],
"id": "CVE-2010-2601",
"lastModified": "2024-11-21T01:16:59.030",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.6,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 4.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2010-10-14T18:00:03.837",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://blackberry.com/btsc/KB24547"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://blackberry.com/btsc/KB24547"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}