返回 CVE 浏览器

CVE-2009-2643

CRITICAL

9.3

CVSS Severity Score

EPSS Score0.1570%

EPSS Percentile31.16th

Published2009年7月28日

Last Modified2026年4月23日

Vulnerability Description

Multiple unspecified vulnerabilities in the PDF distiller in the Attachment Service component in Research In Motion (RIM) BlackBerry Enterprise Server (BES) software 4.1.3 through 5.0 and BlackBerry Professional Software 4.1.4 allow user-assisted remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted .pdf file attachment, a different vulnerability than CVE-2008-3246 and CVE-2009-0219.

Affected Platforms (CPE)

📦

Rim

Blackberry Enterprise Server

= 4.1.3

📦

Rim

Blackberry Enterprise Server

= 4.1.4

📦

Rim

Blackberry Enterprise Server

= 4.1.5

📦

Rim

Blackberry Enterprise Server

= 4.1.6

📦

Rim

Blackberry Enterprise Server

= 4.1.6

📦

Rim

Blackberry Enterprise Server

= 5.0

📦

Rim

Blackberry Professional Software

= 4.1.4

References & Advisories

🔗 http://secunia.com/advisories/35254

🔗 http://www.blackberry.com/btsc/KB18327

🔗 http://www.osvdb.org/54767

🔗 http://www.securityfocus.com/bid/35102

🔗 http://www.securitytracker.com/id?1022295

🔗 http://www.vupen.com/english/advisories/2009/1429

🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/50755

🔗 http://secunia.com/advisories/35254

相关漏洞威胁

CVE-2007-348310.0

Research in Motion BlackBerry Enterprise Server 4.0 through 4.1 has a default configuration that permits installation of arbitrary...

CVE-2008-32469.3

Unspecified vulnerability in the PDF distiller component in the BlackBerry Attachment Service in BlackBerry Unite! 1.0 SP1 (1.0.1)...

CVE-2009-01769.3

Multiple heap-based buffer overflows in the PDF distiller in the Attachment Service in Research in Motion (RIM) BlackBerry Enterpr...

CVE-2009-02199.3

The PDF distiller in the Attachment Service in Research in Motion (RIM) BlackBerry Enterprise Server (BES) 4.1.3 through 4.1.6, Bl...