Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: Blackberry Server Vulnerability - Internet Security | DShield SANS ISC InfoSec Forums


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Blackberry Server Vulnerability

For all of you running around with a Blackberry, be careful of opening .pdf files.  A vulnerability announced on Tuesday allows for specially crafted .pdf files when opened on your blackberry to potentially  "cause memory corruption and possibly lead to arbitrary code execution on the computer that hosts the BlackBerry Attachment Service."  If you have not done so, please make sure your servers are patched. The versions afftected are:

  • BlackBerry® Enterprise Server software version 4.1 Service Pack 3 (4.1.3) through 5.0
  • BlackBerry® Professional Software 4.1 Service Pack 4 (4.1.4)

If anyone has gotten or gets a malicious .pdf, please send us a copy.

Lorna

165 Posts
ISC Handler

Sign Up for Free or Log In to start participating in the conversation!