RIM warns of Blackberry PDF vulnerability
Results 1 to 5 of 5

Thread: RIM warns of Blackberry PDF vulnerability

  1. #1
    ealvnv's Avatar
    ealvnv is offline BlackBerryOS Master Follow ealvnv On Twitter
    Join Date
    Mar 2009
    Location
    Saturn
    PIN
    which one?
    Device
    9900/PlayBook
    OS
    good question
    Carrier
    All of them
    Posts
    2,405
    Liked
    8 times

    RIM warns of Blackberry PDF vulnerability

    Wirelessly posted (via Bold)

    The firm said in a security advisory that multiple vulnerabilities with a Common Vulnerability Scoring System score of 9.3 have been found in the PDF distiller of the Attachment Service.

    "These vulnerabilities could enable a malicious individual to send an email containing a specially crafted PDF file which, when opened for viewing on a BlackBerry smartphone, could cause memory corruption and possibly lead to arbitrary code execution on the computer that hosts the BlackBerry Attachment Service," said the advisory.

    RIM has issued an interim software update that fixes these issues in the affected versions of the BlackBerry Enterprise Server and BlackBerry Professional Software.

    The firm advised users to disable PDF file processing on the server until these patches are rolled out, and said that users should only open attachments from trusted sources.

    Graham Cluley, senior technology consultant at security vendor Sophos, said in a blog post that hackers are increasingly exploiting PDFs to deliver malware to unsuspecting business users.

    "As PDFs are so widely used and shared in business most people wouldn't think twice about clicking on them, making it imperative that corporations keep their security patches and anti-malware defences up to date," he said.
    Last edited by Brett Wyman; 05-27-2009 at 04:24 PM.


    BlackBerry by Choice!


  2. #2
    olta777 is offline BlackBerryOS Wizard
    Join Date
    Apr 2009
    Device
    VZW Droid
    OS
    Custom ROM
    Posts
    4,702
    Liked
    3 times
    Thanks, that's good to know

  3. #3
    bbcrackman's Avatar
    bbcrackman is offline BlackBerryOS Grand Master
    Join Date
    Mar 2009
    PIN
    yes
    Device
    9000/9530/9630/
    OS
    5.0.0.3xx
    Posts
    2,902
    Liked
    5 times
    Thanks for the info, considering I open 90 % if my email from my BB, even though I am sitting in front of my PC..

  4. #4
    Stiefler is offline BlackBerryOS Wizard Follow Stiefler On Twitter
    Join Date
    Apr 2009
    Location
    Ohio
    Device
    Moto Droid/HTC Eris
    OS
    2.0.1/2.1
    Posts
    3,385
    Liked
    3 times
    Quote Originally Posted by bbcrackman View Post
    Thanks for the info, considering I open 90 % if my email from my BB, even though I am sitting in front of my PC..
    I do exactly the same thing lol, but this is some interesting news

  5. #5
    toytooii is offline BlackBerryOS Addict
    Join Date
    Apr 2009
    Device
    Storm 9530
    OS
    .419/.692 Hybrid by Lyricidal (Shrunk)
    Posts
    510
    Liked
    0 times
    Quote Originally Posted by Stiefler07 View Post
    I do exactly the same thing lol, but this is some interesting news
    This appears to affect ONLY users runing BES software on their servers.
    Here's a link with a bit more detail for those interested:
    View Document

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •