Critical security flaws found in Blackberry enterprise apps


Research in Motion (RIM) has warned of critical security flaws found in some versions of its Blackberry Enterprise Server software.

The vulnerabilities, which RIM says have a score of Common Vulnerability Scoring System (CVSS)  score of 9.3 out of 10, could allow cybercriminals to execute malicious code via malformed PDF files.

“Multiple security vulnerabilities exist in the PDF distiller of some released versions of the BlackBerry Attachment Service,” RIM said in an advisory.

“These vulnerabilities could enable a malicious individual to send an email message containing a specially crafted PDF file, which... could cause memory corruption and possibly arbitrary code execution on the computer that hosts the BlackBerry Attachment Service.”

The flaws effect users of BlackBerry Enterprise Server software versions 4.1 through 5, as well as the Professional Software 4.1 service pack 4.

RIM has already released a patch and an interim security update 


Suggested Articles

Wireless operators can provide 5G services with spectrum bands both above and below 6 GHz—but that doesn't mean that all countries will let them.

Here are the stories we’re tracking today.

The 5G Mobile Network Architecture research project will implement two 5G use cases in real-world test beds.