Threat Level: green Handler on Duty: Guy Bruneau

SANS ISC: InfoSec Handlers Diary Blog - Blackberry Server Vulnerability InfoSec Handlers Diary Blog

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Blackberry Server Vulnerability

Published: 2009-05-29
Last Updated: 2009-05-29 13:48:20 UTC
by Lorna Hutcheson (Version: 1)
0 comment(s)

For all of you running around with a Blackberry, be careful of opening .pdf files.  A vulnerability announced on Tuesday allows for specially crafted .pdf files when opened on your blackberry to potentially  "cause memory corruption and possibly lead to arbitrary code execution on the computer that hosts the BlackBerry Attachment Service."  If you have not done so, please make sure your servers are patched. The versions afftected are:

  • BlackBerry® Enterprise Server software version 4.1 Service Pack 3 (4.1.3) through 5.0
  • BlackBerry® Professional Software 4.1 Service Pack 4 (4.1.4)

If anyone has gotten or gets a malicious .pdf, please send us a copy.

0 comment(s)
Diary Archives