CVE-2008-3246
Severity CVSS v4.0:
Pending analysis
Type:
CWE-94
Code Injection
Publication date:
21/07/2008
Last modified:
08/08/2017
Description
Unspecified vulnerability in the PDF distiller component in the BlackBerry Attachment Service in BlackBerry Unite! 1.0 SP1 (1.0.1) before bundle 36 and BlackBerry Enterprise Server 4.1 SP3 (4.1.3) through 4.1 SP5 (4.1.5) allows user-assisted remote attackers to execute arbitrary code via a crafted PDF file attachment.
Impact
Base Score 2.0
9.30
Severity 2.0
HIGH
Vulnerable products and versions
CPE | From | Up to |
---|---|---|
cpe:2.3:a:blackberry:enterprise_server:4.1:sp3:*:*:*:*:*:* | ||
cpe:2.3:a:blackberry:enterprise_server:4.1.3:*:*:*:*:*:*:* | ||
cpe:2.3:a:blackberry:enterprise_server:4.1.4:*:*:*:*:*:*:* | ||
cpe:2.3:a:blackberry:enterprise_server:4.1.5:*:*:*:*:*:*:* | ||
cpe:2.3:a:blackberry:unite:1.0:sp1:*:*:*:*:*:* | ||
cpe:2.3:a:blackberry:unite:1.0.1:*:*:*:*:*:*:* | ||
cpe:2.3:a:rim:blackberry_enterprise_server:4.1.3:*:*:*:*:*:*:* | ||
cpe:2.3:a:rim:blackberry_enterprise_server:4.1.4:*:*:*:*:*:*:* | ||
cpe:2.3:a:rim:blackberry_enterprise_server:4.1.5:*:*:*:*:*:*:* | ||
cpe:2.3:a:rim:blackberry_enterprise_server_for_domino:*:*:*:*:*:*:*:* | ||
cpe:2.3:a:rim:blackberry_enterprise_server_for_exchange:*:*:*:*:*:*:*:* | ||
cpe:2.3:a:rim:blackberry_enterprise_server_for_novell_groupwise:*:*:*:*:*:*:*:* | ||
cpe:2.3:a:rim:blackberry_unite:1.0:sp1:*:*:*:*:*:* | ||
cpe:2.3:a:rim:blackberry_unite:1.0.1:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://secunia.com/advisories/31092
- http://secunia.com/advisories/31141
- http://www.blackberry.com/btsc/articles/635/KB15770_f.SAL_Public.html
- http://www.blackberry.com/btsc/articles/660/KB15766_f.SAL_Public.html
- http://www.kb.cert.org/vuls/id/289235
- http://www.securitytracker.com/id?1020505=
- http://www.vupen.com/english/advisories/2008/2108/references
- https://exchange.xforce.ibmcloud.com/vulnerabilities/43840
- https://exchange.xforce.ibmcloud.com/vulnerabilities/43843