Description
The BlackBerry Attachment Service in Research in Motion (RIM) BlackBerry Enterprise Server (BES) 4.0 to version 4.0 Service Pack 2 allows attackers to cause a denial of service via a malformed Portable Network Graphics (PNG) file that triggers a heap-based buffer overflow.
Affected products
- rim / blackberry_enterprise_server4.0 – 4.0
- rim / blackberry_enterprise_server4.0_sp1 – 4.0_sp1
- rim / blackberry_enterprise_server4.0_sp2 – 4.0_sp2
References
- VENDOR_ADVISORYhttp://secunia.com/advisories/18393
- MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/24063
- MISChttp://www.securityfocus.com/bid/16204
- VENDOR_ADVISORYhttp://www.vupen.com/english/advisories/2006/0127
- MISChttp://www.blackberry.com/knowledgecenterpublic/livelink.exe/fetch/2000/8021/728075/728850/728215/?nodeid=1167794
- MISChttp://www.kb.cert.org/vuls/id/646976