Back to CVE Browser

CVE-2009-2643

CRITICAL

9.3

CVSS Severity Score

EPSS Score0.1570%

EPSS Percentile31.16th

PublishedJul 28, 2009

Last ModifiedApr 23, 2026

Vulnerability Description

Multiple unspecified vulnerabilities in the PDF distiller in the Attachment Service component in Research In Motion (RIM) BlackBerry Enterprise Server (BES) software 4.1.3 through 5.0 and BlackBerry Professional Software 4.1.4 allow user-assisted remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted .pdf file attachment, a different vulnerability than CVE-2008-3246 and CVE-2009-0219.

Affected Platforms (CPE)

📦

Rim

Blackberry Enterprise Server

= 4.1.3

📦

Rim

Blackberry Enterprise Server

= 4.1.4

📦

Rim

Blackberry Enterprise Server

= 4.1.5

📦

Rim

Blackberry Enterprise Server

= 4.1.6

📦

Rim

Blackberry Enterprise Server

= 4.1.6

📦

Rim

Blackberry Enterprise Server

= 5.0

📦

Rim

Blackberry Professional Software

= 4.1.4

References & Advisories

🔗 http://secunia.com/advisories/35254

🔗 http://www.blackberry.com/btsc/KB18327

🔗 http://www.osvdb.org/54767

🔗 http://www.securityfocus.com/bid/35102

🔗 http://www.securitytracker.com/id?1022295

🔗 http://www.vupen.com/english/advisories/2009/1429

🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/50755

🔗 http://secunia.com/advisories/35254

Related Vulnerabilities

CVE-2007-348310.0

Research in Motion BlackBerry Enterprise Server 4.0 through 4.1 has a default configuration that permits installation of arbitrary...

CVE-2008-32469.3

Unspecified vulnerability in the PDF distiller component in the BlackBerry Attachment Service in BlackBerry Unite! 1.0 SP1 (1.0.1)...

CVE-2009-01769.3

Multiple heap-based buffer overflows in the PDF distiller in the Attachment Service in Research in Motion (RIM) BlackBerry Enterpr...

CVE-2009-02199.3

The PDF distiller in the Attachment Service in Research in Motion (RIM) BlackBerry Enterprise Server (BES) 4.1.3 through 4.1.6, Bl...