Security Patch for BES PDF Vulnerability Released by RIM

Canada's mobile phone giant, Research In Motion, has issued an important security advisory concerning a flaw in its BlackBerry Enterprise Server (BES) software. The vulnerability, which is ranked at both 9.2 and 5.7 on a scale of 0 to 10, could allow attackers to execute malicious code and gain control of the infrastructure, a company source says.

The security advisory states that: “Multiple security vulnerabilities exist in the PDF distiller of some released versions of the BlackBerry attachment service component of the BlackBerry Enterprise server. These vulnerabilities could enable a malicious individual to send an email message containing a specially crafted PDF File, which when opened for viewing on a BlackBerry Smartphone that is associated with a user account on BlackBerry Enterprise Server, could cause memory corruption and possibly lead to a denial of service (DoS) condition or arbitrary code execution on the computer that hosts the BlackBerry Attachment service component of that BlackBerry Enterprise Server.”

Under the Common Vulnerability Scoring System (CVSS), the vulnerability is ranked at both 9.2 and 5.7, because the threat is reduced in some cases by tools from Microsoft for the BES software. During the week, the Canadian phone giant released Service Pack 1 for BES 5.9. Those who have adopted the software should head to the company's page to update it. The company did not, however, give any indication of when it is likely to deliver a fix for the 5.0 SP1 upgrade, even though it did admit that BES 5.0 SP1 has another problem, which causes users' address book listings to disappear after the upgrade.

The phone company did, however, advise BlackBerry administrators who currently use BES 4.1 Service Pack 3 (v4.1.3) to visit RIM's website and update their software to resolve this issue. The flaws do not affect version 4.1.2 or versions released before it.
