
RIM patches serious PDF flaw in BlackBerry Enterprise Server

A critical bug in the PDF Distiller component of RIM's BlackBerry Enterprise Server (BES) could result in code injection and execution. A BlackBerry user must first open a maliciously crafted PDF document to trigger the flaw, though the dangers of this vulnerability cannot be overstated. Systems running BES 4.1 Service Pack 3 (4.1.3) to 4.1 Service Pack 5 (4.1.5), as well as BlackBerry Units prior to 1.0 Service Pack 1 (1.0.1) Bundle 36, are known to be affected. RIM has released an official patch in the form of Service Pack 6. Where installing it is not possible, the recommendation is to disable PDF processing in the Attachment Service. Instructions for this can be found here.

For more on this vulnerability:
- check out this The Register article
