Search criteria
4 vulnerabilities found for blackberry_unite by research_in_motion_limited
CVE-2009-0219 (GCVE-0-2009-0219)
Vulnerability from nvd – Published: 2009-01-21 01:00 – Updated: 2024-08-07 04:24
VLAI?
Summary
The PDF distiller in the Attachment Service in Research in Motion (RIM) BlackBerry Enterprise Server (BES) 4.1.3 through 4.1.6, BlackBerry Professional Software 4.1.4, and BlackBerry Unite! before 1.0.3 bundle 28 performs delete operations on uninitialized pointers, which allows user-assisted remote attackers to execute arbitrary code via a crafted data stream in a .pdf file.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T04:24:18.429Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "33250",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/33250"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.blackberry.com/btsc/search.do?cmd=displayKC\u0026docType=kc\u0026externalId=KB17118"
},
{
"name": "20090113 RIM BlackBerry Enterprise Server Attachment Service PDF Distiller Uninitialized Memory Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE",
"x_transferred"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=766"
},
{
"name": "1021559",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1021559"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.blackberry.com/btsc/search.do?cmd=displayKC\u0026docType=kc\u0026externalId=KB17119"
},
{
"name": "33534",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/33534"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-01-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The PDF distiller in the Attachment Service in Research in Motion (RIM) BlackBerry Enterprise Server (BES) 4.1.3 through 4.1.6, BlackBerry Professional Software 4.1.4, and BlackBerry Unite! before 1.0.3 bundle 28 performs delete operations on uninitialized pointers, which allows user-assisted remote attackers to execute arbitrary code via a crafted data stream in a .pdf file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2009-01-29T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "33250",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/33250"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.blackberry.com/btsc/search.do?cmd=displayKC\u0026docType=kc\u0026externalId=KB17118"
},
{
"name": "20090113 RIM BlackBerry Enterprise Server Attachment Service PDF Distiller Uninitialized Memory Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=766"
},
{
"name": "1021559",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1021559"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.blackberry.com/btsc/search.do?cmd=displayKC\u0026docType=kc\u0026externalId=KB17119"
},
{
"name": "33534",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/33534"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-0219",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The PDF distiller in the Attachment Service in Research in Motion (RIM) BlackBerry Enterprise Server (BES) 4.1.3 through 4.1.6, BlackBerry Professional Software 4.1.4, and BlackBerry Unite! before 1.0.3 bundle 28 performs delete operations on uninitialized pointers, which allows user-assisted remote attackers to execute arbitrary code via a crafted data stream in a .pdf file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "33250",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/33250"
},
{
"name": "http://www.blackberry.com/btsc/search.do?cmd=displayKC\u0026docType=kc\u0026externalId=KB17118",
"refsource": "CONFIRM",
"url": "http://www.blackberry.com/btsc/search.do?cmd=displayKC\u0026docType=kc\u0026externalId=KB17118"
},
{
"name": "20090113 RIM BlackBerry Enterprise Server Attachment Service PDF Distiller Uninitialized Memory Vulnerability",
"refsource": "IDEFENSE",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=766"
},
{
"name": "1021559",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1021559"
},
{
"name": "http://www.blackberry.com/btsc/search.do?cmd=displayKC\u0026docType=kc\u0026externalId=KB17119",
"refsource": "CONFIRM",
"url": "http://www.blackberry.com/btsc/search.do?cmd=displayKC\u0026docType=kc\u0026externalId=KB17119"
},
{
"name": "33534",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/33534"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-0219",
"datePublished": "2009-01-21T01:00:00",
"dateReserved": "2009-01-20T00:00:00",
"dateUpdated": "2024-08-07T04:24:18.429Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-0176 (GCVE-0-2009-0176)
Vulnerability from nvd – Published: 2009-01-20 15:26 – Updated: 2024-09-17 02:31
VLAI?
Summary
Multiple heap-based buffer overflows in the PDF distiller in the Attachment Service in Research in Motion (RIM) BlackBerry Enterprise Server (BES) 4.1.3 through 4.1.6, BlackBerry Professional Software 4.1.4, and BlackBerry Unite! before 1.0.3 bundle 28 allow user-assisted remote attackers to execute arbitrary code via (1) a crafted stream in a .pdf file, related to "symWidths"; or (2) a crafted data stream in a .pdf file, related to "bitmaps."
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T04:24:18.067Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.blackberry.com/btsc/search.do?cmd=displayKC\u0026docType=kc\u0026externalId=KB17118"
},
{
"name": "33224",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/33224"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.blackberry.com/btsc/search.do?cmd=displayKC\u0026docType=kc\u0026externalId=KB17119"
},
{
"name": "20090113 RIM BlackBerry Enterprise Server Attachment Service PDF Distiller \u0027bitmaps\u0027 Heap Overflow Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE",
"x_transferred"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=765"
},
{
"name": "20090113 RIM BlackBerry Enterprise Server Attachment Service PDF Distiller \u0027symWidths\u0027 Heap Overflow Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE",
"x_transferred"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=764"
},
{
"name": "33534",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/33534"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Multiple heap-based buffer overflows in the PDF distiller in the Attachment Service in Research in Motion (RIM) BlackBerry Enterprise Server (BES) 4.1.3 through 4.1.6, BlackBerry Professional Software 4.1.4, and BlackBerry Unite! before 1.0.3 bundle 28 allow user-assisted remote attackers to execute arbitrary code via (1) a crafted stream in a .pdf file, related to \"symWidths\"; or (2) a crafted data stream in a .pdf file, related to \"bitmaps.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2009-01-20T15:26:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.blackberry.com/btsc/search.do?cmd=displayKC\u0026docType=kc\u0026externalId=KB17118"
},
{
"name": "33224",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/33224"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.blackberry.com/btsc/search.do?cmd=displayKC\u0026docType=kc\u0026externalId=KB17119"
},
{
"name": "20090113 RIM BlackBerry Enterprise Server Attachment Service PDF Distiller \u0027bitmaps\u0027 Heap Overflow Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=765"
},
{
"name": "20090113 RIM BlackBerry Enterprise Server Attachment Service PDF Distiller \u0027symWidths\u0027 Heap Overflow Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=764"
},
{
"name": "33534",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/33534"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-0176",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple heap-based buffer overflows in the PDF distiller in the Attachment Service in Research in Motion (RIM) BlackBerry Enterprise Server (BES) 4.1.3 through 4.1.6, BlackBerry Professional Software 4.1.4, and BlackBerry Unite! before 1.0.3 bundle 28 allow user-assisted remote attackers to execute arbitrary code via (1) a crafted stream in a .pdf file, related to \"symWidths\"; or (2) a crafted data stream in a .pdf file, related to \"bitmaps.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.blackberry.com/btsc/search.do?cmd=displayKC\u0026docType=kc\u0026externalId=KB17118",
"refsource": "CONFIRM",
"url": "http://www.blackberry.com/btsc/search.do?cmd=displayKC\u0026docType=kc\u0026externalId=KB17118"
},
{
"name": "33224",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/33224"
},
{
"name": "http://www.blackberry.com/btsc/search.do?cmd=displayKC\u0026docType=kc\u0026externalId=KB17119",
"refsource": "CONFIRM",
"url": "http://www.blackberry.com/btsc/search.do?cmd=displayKC\u0026docType=kc\u0026externalId=KB17119"
},
{
"name": "20090113 RIM BlackBerry Enterprise Server Attachment Service PDF Distiller \u0027bitmaps\u0027 Heap Overflow Vulnerability",
"refsource": "IDEFENSE",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=765"
},
{
"name": "20090113 RIM BlackBerry Enterprise Server Attachment Service PDF Distiller \u0027symWidths\u0027 Heap Overflow Vulnerability",
"refsource": "IDEFENSE",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=764"
},
{
"name": "33534",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/33534"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-0176",
"datePublished": "2009-01-20T15:26:00Z",
"dateReserved": "2009-01-20T00:00:00Z",
"dateUpdated": "2024-09-17T02:31:04.504Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-0219 (GCVE-0-2009-0219)
Vulnerability from cvelistv5 – Published: 2009-01-21 01:00 – Updated: 2024-08-07 04:24
VLAI?
Summary
The PDF distiller in the Attachment Service in Research in Motion (RIM) BlackBerry Enterprise Server (BES) 4.1.3 through 4.1.6, BlackBerry Professional Software 4.1.4, and BlackBerry Unite! before 1.0.3 bundle 28 performs delete operations on uninitialized pointers, which allows user-assisted remote attackers to execute arbitrary code via a crafted data stream in a .pdf file.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T04:24:18.429Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "33250",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/33250"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.blackberry.com/btsc/search.do?cmd=displayKC\u0026docType=kc\u0026externalId=KB17118"
},
{
"name": "20090113 RIM BlackBerry Enterprise Server Attachment Service PDF Distiller Uninitialized Memory Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE",
"x_transferred"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=766"
},
{
"name": "1021559",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1021559"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.blackberry.com/btsc/search.do?cmd=displayKC\u0026docType=kc\u0026externalId=KB17119"
},
{
"name": "33534",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/33534"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-01-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The PDF distiller in the Attachment Service in Research in Motion (RIM) BlackBerry Enterprise Server (BES) 4.1.3 through 4.1.6, BlackBerry Professional Software 4.1.4, and BlackBerry Unite! before 1.0.3 bundle 28 performs delete operations on uninitialized pointers, which allows user-assisted remote attackers to execute arbitrary code via a crafted data stream in a .pdf file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2009-01-29T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "33250",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/33250"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.blackberry.com/btsc/search.do?cmd=displayKC\u0026docType=kc\u0026externalId=KB17118"
},
{
"name": "20090113 RIM BlackBerry Enterprise Server Attachment Service PDF Distiller Uninitialized Memory Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=766"
},
{
"name": "1021559",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1021559"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.blackberry.com/btsc/search.do?cmd=displayKC\u0026docType=kc\u0026externalId=KB17119"
},
{
"name": "33534",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/33534"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-0219",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The PDF distiller in the Attachment Service in Research in Motion (RIM) BlackBerry Enterprise Server (BES) 4.1.3 through 4.1.6, BlackBerry Professional Software 4.1.4, and BlackBerry Unite! before 1.0.3 bundle 28 performs delete operations on uninitialized pointers, which allows user-assisted remote attackers to execute arbitrary code via a crafted data stream in a .pdf file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "33250",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/33250"
},
{
"name": "http://www.blackberry.com/btsc/search.do?cmd=displayKC\u0026docType=kc\u0026externalId=KB17118",
"refsource": "CONFIRM",
"url": "http://www.blackberry.com/btsc/search.do?cmd=displayKC\u0026docType=kc\u0026externalId=KB17118"
},
{
"name": "20090113 RIM BlackBerry Enterprise Server Attachment Service PDF Distiller Uninitialized Memory Vulnerability",
"refsource": "IDEFENSE",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=766"
},
{
"name": "1021559",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1021559"
},
{
"name": "http://www.blackberry.com/btsc/search.do?cmd=displayKC\u0026docType=kc\u0026externalId=KB17119",
"refsource": "CONFIRM",
"url": "http://www.blackberry.com/btsc/search.do?cmd=displayKC\u0026docType=kc\u0026externalId=KB17119"
},
{
"name": "33534",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/33534"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-0219",
"datePublished": "2009-01-21T01:00:00",
"dateReserved": "2009-01-20T00:00:00",
"dateUpdated": "2024-08-07T04:24:18.429Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-0176 (GCVE-0-2009-0176)
Vulnerability from cvelistv5 – Published: 2009-01-20 15:26 – Updated: 2024-09-17 02:31
VLAI?
Summary
Multiple heap-based buffer overflows in the PDF distiller in the Attachment Service in Research in Motion (RIM) BlackBerry Enterprise Server (BES) 4.1.3 through 4.1.6, BlackBerry Professional Software 4.1.4, and BlackBerry Unite! before 1.0.3 bundle 28 allow user-assisted remote attackers to execute arbitrary code via (1) a crafted stream in a .pdf file, related to "symWidths"; or (2) a crafted data stream in a .pdf file, related to "bitmaps."
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T04:24:18.067Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.blackberry.com/btsc/search.do?cmd=displayKC\u0026docType=kc\u0026externalId=KB17118"
},
{
"name": "33224",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/33224"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.blackberry.com/btsc/search.do?cmd=displayKC\u0026docType=kc\u0026externalId=KB17119"
},
{
"name": "20090113 RIM BlackBerry Enterprise Server Attachment Service PDF Distiller \u0027bitmaps\u0027 Heap Overflow Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE",
"x_transferred"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=765"
},
{
"name": "20090113 RIM BlackBerry Enterprise Server Attachment Service PDF Distiller \u0027symWidths\u0027 Heap Overflow Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE",
"x_transferred"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=764"
},
{
"name": "33534",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/33534"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Multiple heap-based buffer overflows in the PDF distiller in the Attachment Service in Research in Motion (RIM) BlackBerry Enterprise Server (BES) 4.1.3 through 4.1.6, BlackBerry Professional Software 4.1.4, and BlackBerry Unite! before 1.0.3 bundle 28 allow user-assisted remote attackers to execute arbitrary code via (1) a crafted stream in a .pdf file, related to \"symWidths\"; or (2) a crafted data stream in a .pdf file, related to \"bitmaps.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2009-01-20T15:26:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.blackberry.com/btsc/search.do?cmd=displayKC\u0026docType=kc\u0026externalId=KB17118"
},
{
"name": "33224",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/33224"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.blackberry.com/btsc/search.do?cmd=displayKC\u0026docType=kc\u0026externalId=KB17119"
},
{
"name": "20090113 RIM BlackBerry Enterprise Server Attachment Service PDF Distiller \u0027bitmaps\u0027 Heap Overflow Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=765"
},
{
"name": "20090113 RIM BlackBerry Enterprise Server Attachment Service PDF Distiller \u0027symWidths\u0027 Heap Overflow Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=764"
},
{
"name": "33534",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/33534"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-0176",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple heap-based buffer overflows in the PDF distiller in the Attachment Service in Research in Motion (RIM) BlackBerry Enterprise Server (BES) 4.1.3 through 4.1.6, BlackBerry Professional Software 4.1.4, and BlackBerry Unite! before 1.0.3 bundle 28 allow user-assisted remote attackers to execute arbitrary code via (1) a crafted stream in a .pdf file, related to \"symWidths\"; or (2) a crafted data stream in a .pdf file, related to \"bitmaps.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.blackberry.com/btsc/search.do?cmd=displayKC\u0026docType=kc\u0026externalId=KB17118",
"refsource": "CONFIRM",
"url": "http://www.blackberry.com/btsc/search.do?cmd=displayKC\u0026docType=kc\u0026externalId=KB17118"
},
{
"name": "33224",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/33224"
},
{
"name": "http://www.blackberry.com/btsc/search.do?cmd=displayKC\u0026docType=kc\u0026externalId=KB17119",
"refsource": "CONFIRM",
"url": "http://www.blackberry.com/btsc/search.do?cmd=displayKC\u0026docType=kc\u0026externalId=KB17119"
},
{
"name": "20090113 RIM BlackBerry Enterprise Server Attachment Service PDF Distiller \u0027bitmaps\u0027 Heap Overflow Vulnerability",
"refsource": "IDEFENSE",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=765"
},
{
"name": "20090113 RIM BlackBerry Enterprise Server Attachment Service PDF Distiller \u0027symWidths\u0027 Heap Overflow Vulnerability",
"refsource": "IDEFENSE",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=764"
},
{
"name": "33534",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/33534"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-0176",
"datePublished": "2009-01-20T15:26:00Z",
"dateReserved": "2009-01-20T00:00:00Z",
"dateUpdated": "2024-09-17T02:31:04.504Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}