CVE-2005-2344

EPSS 2.02%
Veröffentlicht 31.12.2005 05:00:00
Zuletzt bearbeitet 03.04.2025 01:03:51
Quelle cret@cert.org
CVE-Watchlists
Login
Unerledigt
Login

The BlackBerry Attachment Service in Research in Motion (RIM) BlackBerry Enterprise Server (BES) 4.0 to version 4.0 Service Pack 2 allows attackers to cause a denial of service via a malformed Portable Network Graphics (PNG) file that triggers a heap-based buffer overflow.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 9

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Rim ≫ Blackberry Enterprise Server Version4.0

Rim ≫ Blackberry Enterprise Server Version4.0_sp1

Rim ≫ Blackberry Enterprise Server Version4.0_sp2

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	2.02%	0.821

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	5	10	2.9	AV:N/AC:L/Au:N/C:N/I:P/A:N

CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

http://secunia.com/advisories/18393

Patch

Vendor Advisory

http://www.blackberry.com/knowledgecenterpublic/livelink.exe/fetch/2000/8021/728075/728850/728215/?nodeid=1167794

Vendor Advisory

http://www.kb.cert.org/vuls/id/646976

Third Party Advisory

US Government Resource

http://www.securityfocus.com/bid/16204

http://www.vupen.com/english/advisories/2006/0127

Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/24063

https://nvd.nist.gov/vuln/detail/CVE-2005-2344

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2005-2344

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2005-2344

EUVD