CyberSec.Space Logo
Back to CVE Browser

CVE-2009-0219

CRITICAL
9.3
CVSS Severity Score
EPSS Score0.1390%
EPSS Percentile6.27th
PublishedJan 21, 2009
Last ModifiedApr 23, 2026

Vulnerability Description

The PDF distiller in the Attachment Service in Research in Motion (RIM) BlackBerry Enterprise Server (BES) 4.1.3 through 4.1.6, BlackBerry Professional Software 4.1.4, and BlackBerry Unite! before 1.0.3 bundle 28 performs delete operations on uninitialized pointers, which allows user-assisted remote attackers to execute arbitrary code via a crafted data stream in a .pdf file.

Affected Platforms (CPE)

πŸ“¦
Research In Motion Limited

Blackberry Enterprise Server

= 4.1.3
πŸ“¦
Research In Motion Limited

Blackberry Enterprise Server

= 4.1.4
πŸ“¦
Research In Motion Limited

Blackberry Enterprise Server

= 4.1.5
πŸ“¦
Research In Motion Limited

Blackberry Enterprise Server

= 4.1.6
πŸ“¦
Research In Motion Limited

Blackberry Professional Software

= 4.1.4
πŸ“¦
Research In Motion Limited

Blackberry Unite

<= 1.0.3
πŸ“¦
Research In Motion Limited

Blackberry Unite

= 1.0
πŸ“¦
Research In Motion Limited

Blackberry Unite

= 1.0.1
πŸ“¦
Research In Motion Limited

Blackberry Unite

= 1.0.2

References & Advisories

πŸ”— http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=766
πŸ”— http://secunia.com/advisories/33534
πŸ”— http://www.blackberry.com/btsc/search.do?cmd=displayKC&docType=kc&externalId=KB17118
πŸ”— http://www.blackberry.com/btsc/search.do?cmd=displayKC&docType=kc&externalId=KB17119
πŸ”— http://www.securityfocus.com/bid/33250
πŸ”— http://www.securitytracker.com/id?1021559
πŸ”— http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=766
πŸ”— http://secunia.com/advisories/33534

Related Vulnerabilities

CVE-2007-348310.0

Research in Motion BlackBerry Enterprise Server 4.0 through 4.1 has a default configuration that permits installation of arbitrary...

CVE-2008-32469.3

Unspecified vulnerability in the PDF distiller component in the BlackBerry Attachment Service in BlackBerry Unite! 1.0 SP1 (1.0.1)...

CVE-2009-01769.3

Multiple heap-based buffer overflows in the PDF distiller in the Attachment Service in Research in Motion (RIM) BlackBerry Enterpr...

CVE-2009-26439.3

Multiple unspecified vulnerabilities in the PDF distiller in the Attachment Service component in Research In Motion (RIM) BlackBer...