CVE-2009-0219
Last modified
CVE-2009-0219 is a vulnerability of currently unknown severity. The PDF distiller in the Attachment Service in Research in Motion (RIM) BlackBerry Enterprise Server (BES) 4.1.3 through 4.1.6, BlackBerry Professional Software 4.1.4, and BlackBerry Unite! before 1.0.3 bundle 28 performs delete operations on uninitialized pointers, which allows user-assisted remote attackers to execute arbitrary code via a crafted data stream in a .pdf file.. EPSS estimates a 4.89% chance of exploitation in the next 30 days.
Description
The PDF distiller in the Attachment Service in Research in Motion (RIM) BlackBerry Enterprise Server (BES) 4.1.3 through 4.1.6, BlackBerry Professional Software 4.1.4, and BlackBerry Unite! before 1.0.3 bundle 28 performs delete operations on uninitialized pointers, which allows user-assisted remote attackers to execute arbitrary code via a crafted data stream in a .pdf file.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Research In Motion Limited | Blackberry Enterprise Server | 4.1.3 |
| Research In Motion Limited | Blackberry Enterprise Server | 4.1.4 |
| Research In Motion Limited | Blackberry Enterprise Server | 4.1.5 |
| Research In Motion Limited | Blackberry Enterprise Server | 4.1.6 |
| Research In Motion Limited | Blackberry Professional Software | 4.1.4 |
| Research In Motion Limited | Blackberry Unite | <= 1.0.3 |
| Research In Motion Limited | Blackberry Unite | 1.0 |
| Research In Motion Limited | Blackberry Unite | 1.0.1 |
| Research In Motion Limited | Blackberry Unite | 1.0.2 |
References
- http://secunia.com/advisories/33534Vendor Advisory
- http://secunia.com/advisories/33534Vendor Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2009-0219?
How severe is CVE-2009-0219?
How do I fix CVE-2009-0219?
Are you affected by CVE-2009-0219?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST