CVE-2010-2604
Last modified
CVE-2010-2604 is a vulnerability of currently unknown severity. Multiple buffer overflows in the PDF Distiller in the BlackBerry Attachment Service component in Research In Motion (RIM) BlackBerry Enterprise Server 4.1.3 through 5.0.2, and Enterprise Server Express 5.0.1 and 5.0.2, allow remote attackers to execute arbitrary code via a crafted PDF file.. EPSS estimates a 5.72% chance of exploitation in the next 30 days.
Description
Multiple buffer overflows in the PDF Distiller in the BlackBerry Attachment Service component in Research In Motion (RIM) BlackBerry Enterprise Server 4.1.3 through 5.0.2, and Enterprise Server Express 5.0.1 and 5.0.2, allow remote attackers to execute arbitrary code via a crafted PDF file.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Rim | Blackberry Enterprise Server | 4.1.3 |
| Rim | Blackberry Enterprise Server | 4.1.4 |
| Rim | Blackberry Enterprise Server | 4.1.5 |
| Rim | Blackberry Enterprise Server | 4.1.6 |
| Rim | Blackberry Enterprise Server | 4.1.7 |
| Rim | Blackberry Enterprise Server | 5.0.0 |
| Rim | Blackberry Enterprise Server | 5.0.1 |
| Rim | Blackberry Enterprise Server | 5.0.2 |
| Rim | Blackberry Enterprise Server Express | 5.0.1 |
| Rim | Blackberry Enterprise Server Express | 5.0.2 |
References
- http://secunia.com/advisories/42882Vendor Advisory
- http://www.blackberry.com/btsc/KB25382Vendor Advisory
- http://www.vupen.com/english/advisories/2011/0081Vendor Advisory
- http://secunia.com/advisories/42882Vendor Advisory
- http://www.blackberry.com/btsc/KB25382Vendor Advisory
- http://www.vupen.com/english/advisories/2011/0081Vendor Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2010-2604?
How severe is CVE-2010-2604?
How do I fix CVE-2010-2604?
Are you affected by CVE-2010-2604?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST