Tuesday, April 21, 2009

Research In Motion Releases Advisory for BlackBerry PDF Distiller Vulnerabilities


Research In Motion has released a security advisory to address multiple vulnerabilities in the PDF distiller of some released versions of the BlackBerry Attachment Service. The advisory lists the affected versions as BlackBerry Enterprise Server 4.1.3 through 4.1.6 and BlackBerry Professional Software 4.1.4. By convincing a user to view a specially crafted PDF file, an attacker may be able to execute arbitrary code on the system that hosts the Blackberry Attachment Service.

US-CERT encourages users to review BlackBerry security advisory KB17953 and apply any necessary updates.

Additional information is available in the Vulnerability Notes Database.

No comments:

Post a Comment