CVE-2009-0219

The PDF distiller in the Attachment Service in Research in Motion (RIM) BlackBerry Enterprise Server (BES) 4.1.3 through 4.1.6, BlackBerry Professional Software 4.1.4, and BlackBerry Unite! before 1.0.3 bundle 28 performs delete operations on uninitialized pointers, which allows user-assisted remote attackers to execute arbitrary code via a crafted data stream in a .pdf file.

CVSS v2.0 9.3 HIGH

9.3^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:M/Au:N/C:C/I:C/A:C

Exploitability : 8.6 / Impact : 10.0

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://www.blackberry.com/btsc/search.do?cmd=displayKC&docType=kc&externalId=KB17118	Vendor Advisory
http://www.blackberry.com/btsc/search.do?cmd=displayKC&docType=kc&externalId=KB17119	Vendor Advisory
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=766
http://secunia.com/advisories/33534	Vendor Advisory
http://www.securityfocus.com/bid/33250
http://www.securitytracker.com/id?1021559

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:research_in_motion_limited:blackberry_professional_software:4.1.4:::::::*
	cpe:2.3:a:research_in_motion_limited:blackberry_unite:1.0:::::::*
	cpe:2.3:a:research_in_motion_limited:blackberry_unite:1.0.1:::::::*
	cpe:2.3:a:research_in_motion_limited:blackberry_enterprise_server:4.1.5:::::::*
	cpe:2.3:a:research_in_motion_limited:blackberry_enterprise_server:4.1.6:::::::*
	cpe:2.3:a:research_in_motion_limited:blackberry_enterprise_server:4.1.3:::::::*
	cpe:2.3:a:research_in_motion_limited:blackberry_enterprise_server:4.1.4:::::::*
	cpe:2.3:a:research_in_motion_limited:blackberry_unite:1.0.2:::::::*
	cpe:2.3:a:research_in_motion_limited:blackberry_unite::::::::

Information

Published : 2009-01-20 17:30

Updated : 2009-02-04 22:53

NVD link : CVE-2009-0219

Mitre link : CVE-2009-0219

JSON object : View

CWE

CWE-399

Resource Management Errors

Products Affected

research_in_motion_limited

blackberry_unite
blackberry_enterprise_server
blackberry_professional_software

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://www.blackberry.com/btsc/search.do?cmd=displayKC&docType=kc&externalId=KB17118", "name": "http://www.blackberry.com/btsc/search.do?cmd=displayKC&docType=kc&externalId=KB17118", "tags": ["Vendor Advisory"], "refsource": "CONFIRM"}, {"url": "http://www.blackberry.com/btsc/search.do?cmd=displayKC&docType=kc&externalId=KB17119", "name": "http://www.blackberry.com/btsc/search.do?cmd=displayKC&docType=kc&externalId=KB17119", "tags": ["Vendor Advisory"], "refsource": "CONFIRM"}, {"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=766", "name": "20090113 RIM BlackBerry Enterprise Server Attachment Service PDF Distiller Uninitialized Memory Vulnerability", "tags": [], "refsource": "IDEFENSE"}, {"url": "http://secunia.com/advisories/33534", "name": "33534", "tags": ["Vendor Advisory"], "refsource": "SECUNIA"}, {"url": "http://www.securityfocus.com/bid/33250", "name": "33250", "tags": [], "refsource": "BID"}, {"url": "http://www.securitytracker.com/id?1021559", "name": "1021559", "tags": [], "refsource": "SECTRACK"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "The PDF distiller in the Attachment Service in Research in Motion (RIM) BlackBerry Enterprise Server (BES) 4.1.3 through 4.1.6, BlackBerry Professional Software 4.1.4, and BlackBerry Unite! before 1.0.3 bundle 28 performs delete operations on uninitialized pointers, which allows user-assisted remote attackers to execute arbitrary code via a crafted data stream in a .pdf file."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-399"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2009-0219", "ASSIGNER": "cve@mitre.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 9.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "MEDIUM", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "severity": "HIGH", "impactScore": 10.0, "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}}, "publishedDate": "2009-01-21T01:30Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:research_in_motion_limited:blackberry_professional_software:4.1.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:research_in_motion_limited:blackberry_unite:1.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:research_in_motion_limited:blackberry_unite:1.0.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:research_in_motion_limited:blackberry_enterprise_server:4.1.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:research_in_motion_limited:blackberry_enterprise_server:4.1.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:research_in_motion_limited:blackberry_enterprise_server:4.1.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:research_in_motion_limited:blackberry_enterprise_server:4.1.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:research_in_motion_limited:blackberry_unite:1.0.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:research_in_motion_limited:blackberry_unite:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "1.0.3"}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2009-02-05T06:53Z"}

9.3 /10