CVE

Id
37611  
CVE No.
CVE-2009-0176  
Status
Candidate  
Description
Multiple heap-based buffer overflows in the PDF distiller in the Attachment Service in Research in Motion (RIM) BlackBerry Enterprise Server (BES) 4.1.3 through 4.1.6, BlackBerry Professional Software 4.1.4, and BlackBerry Unite! before 1.0.3 bundle 28 allow user-assisted remote attackers to execute arbitrary code via (1) a crafted stream in a .pdf file, related to "symWidths"; or (2) a crafted data stream in a .pdf file, related to "bitmaps."  
Phase
Assigned (20090120)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
408335 37611 CVE-2009-0176 IDEFENSE:20090113 RIM BlackBerry Enterprise Server Attachment Service PDF Distiller "bitmaps" Heap Overflow Vulnerability  View
408336 37611 CVE-2009-0176 URL:http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=765  View
408337 37611 CVE-2009-0176 IDEFENSE:20090113 RIM BlackBerry Enterprise Server Attachment Service PDF Distiller "symWidths" Heap Overflow Vulnerability  View
408338 37611 CVE-2009-0176 URL:http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=764  View
408339 37611 CVE-2009-0176 CONFIRM:http://www.blackberry.com/btsc/search.do?cmd=displayKC&docType=kc&externalId=KB17118  View
408340 37611 CVE-2009-0176 CONFIRM:http://www.blackberry.com/btsc/search.do?cmd=displayKC&docType=kc&externalId=KB17119  View
408341 37611 CVE-2009-0176 BID:33224  View
408342 37611 CVE-2009-0176 URL:http://www.securityfocus.com/bid/33224  View
408343 37611 CVE-2009-0176 SECUNIA:33534  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
43409 JVNDB-2009-004416 nfs-utils 用の特定の Fedora ビルドスクリプトにおけるアクセス制限を回避される脆弱性 Fedora 上で稼動する nfs-utils 用の特定の Fedora ビルドスクリプトは、TCP Wrapper サポートを除外するため、アクセス制限を回避される脆弱性が存在します。 CVE-2009-0180 37611 7.5 http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-004416.html  View