CyberSec.Space Logo
返回 CVE 浏览器

CVE-2009-0219

CRITICAL
9.3
CVSS Severity Score
EPSS Score0.1390%
EPSS Percentile6.27th
Published2009年1月21日
Last Modified2026年4月23日

Vulnerability Description

The PDF distiller in the Attachment Service in Research in Motion (RIM) BlackBerry Enterprise Server (BES) 4.1.3 through 4.1.6, BlackBerry Professional Software 4.1.4, and BlackBerry Unite! before 1.0.3 bundle 28 performs delete operations on uninitialized pointers, which allows user-assisted remote attackers to execute arbitrary code via a crafted data stream in a .pdf file.

Affected Platforms (CPE)

📦
Research In Motion Limited

Blackberry Enterprise Server

= 4.1.3
📦
Research In Motion Limited

Blackberry Enterprise Server

= 4.1.4
📦
Research In Motion Limited

Blackberry Enterprise Server

= 4.1.5
📦
Research In Motion Limited

Blackberry Enterprise Server

= 4.1.6
📦
Research In Motion Limited

Blackberry Professional Software

= 4.1.4
📦
Research In Motion Limited

Blackberry Unite

<= 1.0.3
📦
Research In Motion Limited

Blackberry Unite

= 1.0
📦
Research In Motion Limited

Blackberry Unite

= 1.0.1
📦
Research In Motion Limited

Blackberry Unite

= 1.0.2

References & Advisories

🔗 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=766
🔗 http://secunia.com/advisories/33534
🔗 http://www.blackberry.com/btsc/search.do?cmd=displayKC&docType=kc&externalId=KB17118
🔗 http://www.blackberry.com/btsc/search.do?cmd=displayKC&docType=kc&externalId=KB17119
🔗 http://www.securityfocus.com/bid/33250
🔗 http://www.securitytracker.com/id?1021559
🔗 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=766
🔗 http://secunia.com/advisories/33534

相关漏洞威胁

CVE-2007-348310.0

Research in Motion BlackBerry Enterprise Server 4.0 through 4.1 has a default configuration that permits installation of arbitrary...

CVE-2008-32469.3

Unspecified vulnerability in the PDF distiller component in the BlackBerry Attachment Service in BlackBerry Unite! 1.0 SP1 (1.0.1)...

CVE-2009-01769.3

Multiple heap-based buffer overflows in the PDF distiller in the Attachment Service in Research in Motion (RIM) BlackBerry Enterpr...

CVE-2009-26439.3

Multiple unspecified vulnerabilities in the PDF distiller in the Attachment Service component in Research In Motion (RIM) BlackBer...