9.3

CVE-2009-0219

The PDF distiller in the Attachment Service in Research in Motion (RIM) BlackBerry Enterprise Server (BES) 4.1.3 through 4.1.6, BlackBerry Professional Software 4.1.4, and BlackBerry Unite! before 1.0.3 bundle 28 performs delete operations on uninitialized pointers, which allows user-assisted remote attackers to execute arbitrary code via a crafted data stream in a .pdf file.
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 4.89% 0.909
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 9.3 8.6 10
AV:N/AC:M/Au:N/C:C/I:C/A:C
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://secunia.com/advisories/33534
Vendor Advisory
http://www.blackberry.com/btsc/search.do?cmd=displayKC&docType=kc&externalId=KB17118
Vendor Advisory
http://www.blackberry.com/btsc/search.do?cmd=displayKC&docType=kc&externalId=KB17119
Vendor Advisory
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=766
http://www.securityfocus.com/bid/33250
http://www.securitytracker.com/id?1021559