CVE-2009-0219

The PDF distiller in the Attachment Service in Research in Motion (RIM) BlackBerry Enterprise Server (BES) 4.1.3 through 4.1.6, BlackBerry Professional Software 4.1.4, and BlackBerry Unite! before 1.0.3 bundle 28 performs delete operations on uninitialized pointers, which allows user-assisted remote attackers to execute arbitrary code via a crafted data stream in a .pdf file.

CVSS v2.0 9.3 HIGH

9.3^/10

CVSS v2.0 : HIGH

Vector : AV:N/AC:M/Au:N/C:C/I:C/A:C

Exploitability : 8.6 / Impact : 10.0

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=766
http://secunia.com/advisories/33534	Vendor Advisory
http://www.blackberry.com/btsc/search.do?cmd=displayKC&docType=kc&externalId=KB17118	Vendor Advisory
http://www.blackberry.com/btsc/search.do?cmd=displayKC&docType=kc&externalId=KB17119	Vendor Advisory
http://www.securityfocus.com/bid/33250
http://www.securitytracker.com/id?1021559

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:research_in_motion_limited:blackberry_enterprise_server:4.1.3:::::::*
	cpe:2.3:a:research_in_motion_limited:blackberry_enterprise_server:4.1.4:::::::*
	cpe:2.3:a:research_in_motion_limited:blackberry_enterprise_server:4.1.5:::::::*
	cpe:2.3:a:research_in_motion_limited:blackberry_enterprise_server:4.1.6:::::::*
	cpe:2.3:a:research_in_motion_limited:blackberry_professional_software:4.1.4:::::::*
	cpe:2.3:a:research_in_motion_limited:blackberry_unite::::::::
	cpe:2.3:a:research_in_motion_limited:blackberry_unite:1.0:::::::*
	cpe:2.3:a:research_in_motion_limited:blackberry_unite:1.0.1:::::::*
	cpe:2.3:a:research_in_motion_limited:blackberry_unite:1.0.2:::::::*

History

No history.

Information

Published : 2009-01-21 01:30

Updated : 2024-02-04 17:33

NVD link : CVE-2009-0219

Mitre link : CVE-2009-0219

CVE.ORG link : CVE-2009-0219

JSON object : View

Products Affected

research_in_motion_limited

blackberry_professional_software
blackberry_enterprise_server
blackberry_unite

CWE

CWE-399

Resource Management Errors

{"id": "CVE-2009-0219", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 9.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "MEDIUM", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}]}, "published": "2009-01-21T01:30:00.343", "references": [{"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=766", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/33534", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.blackberry.com/btsc/search.do?cmd=displayKC&docType=kc&externalId=KB17118", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.blackberry.com/btsc/search.do?cmd=displayKC&docType=kc&externalId=KB17119", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/33250", "source": "cve@mitre.org"}, {"url": "http://www.securitytracker.com/id?1021559", "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-399"}]}], "descriptions": [{"lang": "en", "value": "The PDF distiller in the Attachment Service in Research in Motion (RIM) BlackBerry Enterprise Server (BES) 4.1.3 through 4.1.6, BlackBerry Professional Software 4.1.4, and BlackBerry Unite! before 1.0.3 bundle 28 performs delete operations on uninitialized pointers, which allows user-assisted remote attackers to execute arbitrary code via a crafted data stream in a .pdf file."}, {"lang": "es", "value": "El PDF distiller en el servicio Attachment en Research in Motion (RIM) BlackBerry Enterprise Server (BES) v4.1.3 hasta v4.1.6, BlackBerry Professional Software v4.1.4, y BlackBerry Unite! anteriores a v1.0.3 bundle 28 realiza operaciones de borrado en punteros sin inicializar, lo que permite a atacantes remotos ayudados por el usuario ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de una secuencia de datos manipulada en un fichero .pdf."}], "lastModified": "2009-02-05T06:53:18.063", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:research_in_motion_limited:blackberry_enterprise_server:4.1.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4DDE9EAC-D9FF-47C2-A830-0316F74D822E"}, {"criteria": "cpe:2.3:a:research_in_motion_limited:blackberry_enterprise_server:4.1.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F3B71789-C43D-4D75-9C49-71D9347EF321"}, {"criteria": "cpe:2.3:a:research_in_motion_limited:blackberry_enterprise_server:4.1.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "59C67945-B4C6-4159-8FF0-05227D46E282"}, {"criteria": "cpe:2.3:a:research_in_motion_limited:blackberry_enterprise_server:4.1.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D2FE657D-6988-4A19-B0EC-8D9413AB7A5E"}, {"criteria": "cpe:2.3:a:research_in_motion_limited:blackberry_professional_software:4.1.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4E3AB6DC-0733-4683-B495-2FF85923ACB8"}, {"criteria": "cpe:2.3:a:research_in_motion_limited:blackberry_unite:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9DC011EA-0F76-4554-B19D-3B93F7C1D774", "versionEndIncluding": "1.0.3"}, {"criteria": "cpe:2.3:a:research_in_motion_limited:blackberry_unite:1.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3D4FFD7E-241B-458A-AB88-C4C06E47C017"}, {"criteria": "cpe:2.3:a:research_in_motion_limited:blackberry_unite:1.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3C6120B4-CEE1-412B-9EE3-9F2B0BE690A1"}, {"criteria": "cpe:2.3:a:research_in_motion_limited:blackberry_unite:1.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5A748FD0-2FED-4C8F-9693-ED16095E917A"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}