MidnightBSD

Advisories for rim

CVE-2004-1597 MEDIUM

RIM Blackberry 7230 running RIM Blackberry OS 3.7 SP1 allows remote attackers to cause a denial of service (device reboot and possibly data corruption) via a calendar message with a long Location field, which triggers a watchdog while the message is being stored.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
rim blackberry 7230_3.7.1_.41
CVE-2005-2341 HIGH

Heap-based buffer overflow in Research in Motion (RIM) BlackBerry Attachment Service allows remote attackers to cause a denial of service (hang) via an e-mail attachment with a crafted TIFF file.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
rim blackberry_attachment_service *
rim blackberry_enterprise_server *
CVE-2005-2342 HIGH

Research in Motion (RIM) BlackBerry Router allows remote attackers to cause a denial of service (communication disruption) via crafted Server Routing Protocol (SRP) packets.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
rim blackberry_router *
rim blackberry_enterprise_server 4.0
rim blackberry_enterprise_server 4.0_sp1
CVE-2005-2343 LOW

Research in Motion (RIM) BlackBerry Handheld web browser for BlackBerry Handheld before 4.0.2 allows remote attackers to cause a denial of service (hang) via a Java Application Description (JAD) file with a long application name and vendor string, which prevents a browser dialog from being properly dismissed.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
rim blackberry 7290
rim blackberry 7105t
rim blackberry 7100i
rim blackberry 8700c
rim blackberry 7100g
rim blackberry 8700f
rim blackberry 7230_3.8
rim blackberry 8700r
rim blackberry 7100t
rim blackberry_device_software 4.0
rim blackberry 7730
rim blackberry 7780
rim blackberry 7230_4.0
rim blackberry 7100v
rim blackberry 7250
rim blackberry 7520
rim blackberry 7100r
rim blackberry_desktop_manager 4.0
rim blackberry 7750
rim blackberry 7100x
rim blackberry 7280
rim blackberry 7130e
rim blackberry 7230_3.7.1_.41
CVE-2005-2344 MEDIUM

The BlackBerry Attachment Service in Research in Motion (RIM) BlackBerry Enterprise Server (BES) 4.0 to version 4.0 Service Pack 2 allows attackers to cause a denial of service via a malformed Portable Network Graphics (PNG) file that triggers a heap-based buffer overflow.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
rim blackberry_enterprise_server 4.0_sp2
rim blackberry_enterprise_server 4.0
rim blackberry_enterprise_server 4.0_sp1
CVE-2005-4848 HIGH

Buffer overflow in the decompression algorithm in Research in Motion BlackBerry Enterprise Server 4.0 SP1 and earlier before 20050607 might allow remote attackers to execute arbitrary code via certain data packets.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
rim blackberry_enterprise_server *
CVE-2006-0761 MEDIUM

Buffer overflow in BlackBerry Attachment Service in Research in Motion (RIM) BlackBerry Enterprise Server 2.2 and 4.0 before SP3 Hotfix 4 for IBM Lotus Domino, 3.6 before SP7 and 5.0 before SP3 Hotfix 3 for Microsoft Exchangem, and 4.0 for Novell GroupWise before SP3 Hotfix 1 might allow user-assisted remote attackers to execute arbitrary code on the server via a crafted Microsoft Word document that is opened on a wireless device.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
rim blackberry_enterprise_server 2.2
rim blackberry_enterprise_server 4.0_sp3
rim blackberry_enterprise_server 4.0_sp2
rim blackberry_enterprise_server 2.2_sp4
rim blackberry_enterprise_server 3.6
rim blackberry_enterprise_server 2.2_sp3a
rim blackberry_enterprise_server 4.0_sp1
rim blackberry_enterprise_server 3.6_sp1a
rim blackberry_enterprise_server 3.6.1
rim blackberry_enterprise_server 2.2_sp2
rim blackberry_enterprise_server 2.2_sp2a
rim blackberry_enterprise_server 3.6_sp4_hotfix2
rim blackberry_enterprise_server 4.0
rim blackberry_enterprise_server 2.2_sp4_hotfix2
CVE-2007-3444 MEDIUM

The Research in Motion BlackBerry 7270 with 4.0 SP1 Bundle 83 allows remote attackers to cause a denial of service (blocked call reception) via a malformed SIP invite message, possibly related to multiple format string specifiers in the From field, a spoofed source IP address, and limitations of the function stack frame.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
rim blackberry_7270 *
rim blackberry_software 4.0
CVE-2009-4778 HIGH

Multiple unspecified vulnerabilities in the PDF distiller in the Attachment Service component in Research In Motion (RIM) BlackBerry Enterprise Server (BES) software 4.1.3 through 4.1.7 and 5.0.0, and BlackBerry Professional Software 4.1.4, allow user-assisted remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted .pdf file attachment, a different vulnerability than CVE-2008-3246, CVE-2009-0176, CVE-2009-0219, CVE-2009-2643, and CVE-2009-2646.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
rim blackberry_enterprise_server 4.1.3
rim blackberry_enterprise_server 4.1.4
rim blackberry_enterprise_server 4.1.6
rim blackberry_enterprise_server 4.1.5
rim blackberry_enterprise_server 5.0.0
rim blackberry_enterprise_server 4.1.7
rim blackberry_professional_software 4.1.4
CVE-2010-2599 MEDIUM

Unspecified vulnerability in Research In Motion (RIM) BlackBerry Device Software before 6.0.0 allows remote attackers to cause a denial of service (browser hang) via a crafted web page.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
rim blackberry_software 5.0.0.882
rim blackberry_software *
rim blackberry_software 4.6
rim blackberry_software 4.0
rim blackberry_software 4.5.0
rim blackberry_software 4.7
rim blackberry_software 5.0.0.983
rim blackberry_software 4.6.1
rim blackberry_software 5.0.0.1036
rim blackberry_software 4.7.1
rim blackberry_software 5.0.0.1041
rim blackberry_software 5.0.0.973
rim blackberry_software 5.0.0.593
CVE-2010-2600 HIGH

Untrusted search path vulnerability in BlackBerry Desktop Software before 6.0.0.47 allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse DLL that is located in the same folder as a file that is processed by Blackberry.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
rim blackberry_desktop_software 5.0
rim blackberry_desktop_software 3.0
rim blackberry_desktop_software 5.0.1
rim blackberry_desktop_software 4.5
rim blackberry_desktop_software 4.6
rim blackberry_desktop_software *
rim blackberry_desktop_software 4.0
rim blackberry_desktop_software 4.7
CVE-2010-2601 HIGH

Multiple buffer overflows in the PDF distiller in the Attachment Service component in Research In Motion (RIM) BlackBerry Enterprise Server (BES) software 4.1.7 and earlier and 5.0.0 through 5.0.2, and BlackBerry Professional Software 4.1.4 and earlier, allow user-assisted remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted PDF document.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
rim blackberry_enterprise_server 2.2
rim blackberry_enterprise_server 4.1.3
rim blackberry_enterprise_server 4.1
rim blackberry_enterprise_server 5.0.1
rim blackberry_enterprise_server 4.1.4
rim blackberry_enterprise_server 4.1.6
rim blackberry_enterprise_server 5.0.0
rim blackberry_enterprise_server 3.6
rim blackberry_professional_software *
rim blackberry_enterprise_server 4.0.3
rim blackberry_enterprise_server *
rim blackberry_enterprise_server 5.0.2
rim blackberry_enterprise_server 3.6.1
rim blackberry_enterprise_server 4.1.5
rim blackberry_enterprise_server 4.0
CVE-2010-2602 MEDIUM

Multiple buffer overflows in the PDF distiller component in the BlackBerry Attachment Service in BlackBerry Enterprise Server 5.0.0 through 5.0.2, 4.1.6, and 4.1.7 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PDF document.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
rim blackberry_enterprise_server 5.0.2
rim blackberry_enterprise_server 5.0.1
rim blackberry_enterprise_server 4.1.6
rim blackberry_enterprise_server 5.0.0
rim blackberry_enterprise_server 4.1.7
CVE-2010-2603 LOW

RIM BlackBerry Desktop Software 4.7 through 6.0 for PC, and 1.0 for Mac, uses a weak password to encrypt a database backup file, which makes it easier for local users to decrypt the file via a brute force attack.

CVSS 2.0

Severity: LOW

Problem Type: CWE-310,

Products Affected

Vendor Product Version
rim blackberry_desktop_software 5.0
rim blackberry_desktop_software 6.0
rim blackberry_desktop_software 5.0.1
rim blackberry_desktop_software 1.0
rim blackberry_desktop_software 4.7
CVE-2010-2604 HIGH

Multiple buffer overflows in the PDF Distiller in the BlackBerry Attachment Service component in Research In Motion (RIM) BlackBerry Enterprise Server 4.1.3 through 5.0.2, and Enterprise Server Express 5.0.1 and 5.0.2, allow remote attackers to execute arbitrary code via a crafted PDF file.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
rim blackberry_enterprise_server 4.1.3
rim blackberry_enterprise_server 5.0.2
rim blackberry_enterprise_server 5.0.1
rim blackberry_enterprise_server_express 5.0.2
rim blackberry_enterprise_server 4.1.4
rim blackberry_enterprise_server 4.1.6
rim blackberry_enterprise_server_express 5.0.1
rim blackberry_enterprise_server 4.1.5
rim blackberry_enterprise_server 5.0.0
rim blackberry_enterprise_server 4.1.7
CVE-2010-3741 MEDIUM

The offline backup mechanism in Research In Motion (RIM) BlackBerry Desktop Software uses single-iteration PBKDF2, which makes it easier for local users to decrypt a .ipd file via a brute-force attack.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-310,

Products Affected

Vendor Product Version
rim blackberry_desktop_software *
CVE-2010-3934 MEDIUM

The browser in Research In Motion (RIM) BlackBerry Device Software 5.0.0.593 Platform 5.1.0.147 on the BlackBerry 9700 does not properly restrict cross-domain execution of JavaScript, which allows remote attackers to bypass the Same Origin Policy via vectors related to a window.open call and an IFRAME element. NOTE: some of these details are obtained from third party information.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264,

Products Affected

Vendor Product Version
rim blackberry_device_software 5.0.0.593
CVE-2011-0286 MEDIUM

Cross-site scripting (XSS) vulnerability in webdesktop/app in the BlackBerry Web Desktop Manager component in Research In Motion (RIM) BlackBerry Enterprise Server (BES) software before 5.0.2 MR5 and 5.0.3 before MR1, and BlackBerry Enterprise Server Express software 5.0.1 and 5.0.2, allows remote attackers to inject arbitrary web script or HTML via the displayErrorMessage parameter in a ManageDevices action.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
rim blackberry_enterprise_server 5.0.2
rim blackberry_enterprise_server 5.0.1
rim blackberry_enterprise_server_express 5.0.2
rim blackberry_enterprise_server 5.0.3
rim blackberry_enterprise_server_express 5.0.1
rim blackberry_enterprise_server 5.0.0
CVE-2011-0287 MEDIUM

Unspecified vulnerability in the BlackBerry Administration API in Research In Motion (RIM) BlackBerry Enterprise Server (BES) software 5.0.1 through 5.0.3, and BlackBerry Enterprise Server Express software 5.0.1 through 5.0.3, allows remote attackers to read text files or cause a denial of service via unknown vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
rim blackberry_enterprise_server 5.0.2
rim blackberry_enterprise_server 5.0.1
rim blackberry_enterprise_server_express 5.0.3
rim blackberry_enterprise_server_express 5.0.2
rim blackberry_enterprise_server 5.0.3
rim blackberry_enterprise_server_express 5.0.1
CVE-2011-0290 MEDIUM

The BlackBerry Collaboration Service in Research In Motion (RIM) BlackBerry Enterprise Server (BES) 5.0.3 through MR4 for Microsoft Exchange and Lotus Domino allows remote authenticated users to log into arbitrary user accounts associated with the same organization, and send messages, read messages, read contact lists, or cause a denial of service (login unavailability), via unspecified vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264,

Products Affected

Vendor Product Version
rim blackberry_enterprise_server 5.0.3
CVE-2011-1290 HIGH

Integer overflow in WebKit, as used on the Research In Motion (RIM) BlackBerry Torch 9800 with firmware 6.0.0.246, in Google Chrome before 10.0.648.133, and in Apple Safari before 5.0.5, allows remote attackers to execute arbitrary code via unknown vectors related to CSS "style handling," nodesets, and a length value, as demonstrated by Vincenzo Iozzo, Willem Pinckaers, and Ralf-Philipp Weinmann during a Pwn2Own competition at CanSecWest 2011.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-189,

Products Affected

Vendor Product Version
rim blackberry_torch_9800_firmware 6.0.0.246
rim blackberry_torch_9800 *
apple webkit *
CVE-2011-1416 MEDIUM

The Research In Motion (RIM) BlackBerry Torch 9800 with firmware 6.0.0.246 allows attackers to read the contents of memory locations via unknown vectors, as demonstrated by Vincenzo Iozzo, Willem Pinckaers, and Ralf-Philipp Weinmann during a Pwn2Own competition at CanSecWest 2011.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
rim blackberry_torch_9800_firmware 6.0.0.246
rim blackberry_torch_9800 *
CVE-2012-0870 HIGH

Heap-based buffer overflow in process.c in smbd in Samba 3.0, as used in the file-sharing service on the BlackBerry PlayBook tablet before 2.0.0.7971 and other products, allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a Batched (aka AndX) request that triggers infinite recursion.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
rim blackberry_playbook_os 1.0.5
rim blackberry_playbook_tablet -
rim blackberry_playbook_os 1.0.8.4985
samba samba 3.0.0
rim blackberry_playbook_os 1.0
rim blackberry_playbook_os 1.0.3
rim blackberry_playbook_os 1.0.7.2942
rim blackberry_playbook_os 1.0.7.3312
rim blackberry_playbook_os *
rim blackberry_playbook_os 1.0.7
rim blackberry_playbook_os 1.0.6
rim blackberry_playbook_os 1.0.8.6067