Detections
Analytics
BlackBerry Enterprise Server / Attachment Service PDF Distiller Buffer Overflow (KB24761)
high Nessus Plugin ID 51191
Language:
Synopsis
The remote Windows host has an application that is affected by a buffer overflow vulnerability.Description
The version of BlackBerry Enterprise Server on the remote host is reportedly affected by a buffer overflow vulnerability in the PDF distiller component of the BlackBerry Attachment Service. By sending a specially crafted PDF file and having it opened on a BlackBerry smartphone, an attacker may be able to execute arbitrary code on the system that runs the BlackBerry Attachment Service.Solution
Apply the vendor-supplied patches.See Also
https://salesforce.services.blackberry.com/kbredirect/viewContent.do?externalId=KB24761
Plugin Details
Severity: High
ID: 51191
File Name: blackberry_es_pdf_kb24761.nasl
Version: 1.13
Type: local
Agent: windows
Family: Windows
Published: 12/15/2010
Updated: 11/15/2018
Supported Sensors: Nessus Agent, Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 5.9
CVSS v2
Risk Factor: High
Base Score: 7.6
Temporal Score: 5.6
Vector: CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C
Vulnerability Information
CPE: cpe:/a:rim:blackberry_enterprise_server
Required KB Items: BlackBerry_ES/Product, BlackBerry_ES/Path, BlackBerry_ES/Version, BlackBerry_ES/AttachmentServer, SMB/Registry/Enumerated
Exploit Ease: No known exploits are available
Patch Publication Date: 12/14/2010
Vulnerability Publication Date: 12/14/2010
Reference Information
CVE: CVE-2010-2602
BID: 45392
Secunia: 35632