
T-534: Vulnerability in the PDF distiller of the BlackBerry Attachment Service for the BlackBerry Enterprise Server

January 13, 2011 - 2:30pm


PROBLEM:

Vulnerability in the PDF distiller of the BlackBerry Attachment Service for the BlackBerry Enterprise Server.

PLATFORM:

* BlackBerry Enterprise Server Express version 5.0.1 and 5.0.2 for Microsoft Exchange
* BlackBerry Enterprise Server Express version 5.0.2 for IBM Lotus Domino
* BlackBerry Enterprise Server versions 4.1.3 through 5.0.2 for Microsoft Exchange and IBM Lotus Domino
* BlackBerry Enterprise Server versions 4.1.3 through 5.0.1 for Novell GroupWise
* BlackBerry Professional Software version 4.1.4 for Microsoft Exchange and IBM Lotus Domino

ABSTRACT:

The BlackBerry advisory describes a security issue in the BlackBerry Attachment Service component of the BlackBerry Enterprise Server. The issue relates to a known vulnerability in the PDF distiller component of the BlackBerry Attachment Service that affects how the BlackBerry Attachment Service processes PDF files.

REFERENCE LINKS:

BlackBerry Security Advisory KB25382
CVE-2010-2604
BlackBerry Downloads
SecurityTracker Alert ID: 1024953
IMPACT ASSESSMENT:

High

Discussion:

The vulnerability could allow a malicious individual to cause buffer overflow errors, which may result in arbitrary code execution on the computer that hosts the BlackBerry Attachment Service. While code execution is possible, an attack is more likely to result in the PDF rendering process terminating before it completes. In the event of such an unexpected process termination, the PDF rendering process will restart automatically but will not resume processing the same PDF file.

Successful exploitation of this vulnerability requires a malicious individual to persuade a BlackBerry smartphone user to open a specially crafted PDF file on a BlackBerry smartphone that is associated with a user account on a BlackBerry Enterprise Server. The PDF file may be attached to an email message or the BlackBerry smartphone user may retrieve it from a web site using the BlackBerry Browser.

The BlackBerry administrator can prevent the BlackBerry Attachment Service from processing PDF files by editing the list of file format extensions that the BlackBerry Attachment Service opens, and then preventing the PDF attachment distiller from running on the BlackBerry Attachment Service.

Solution:
RIM has issued the following releases and interim security software updates that resolve the vulnerabilities in affected versions of the BlackBerry Enterprise Server.

* BlackBerry Enterprise Server Express version 5.0.2 for Microsoft Exchange and IBM Lotus Domino
* BlackBerry Enterprise Server Express version 5.0.1 for Microsoft Exchange
* BlackBerry Enterprise Server version 5.0.2 for Microsoft Exchange and IBM Lotus Domino
* BlackBerry Enterprise Server version 5.0.1 for Microsoft Exchange, IBM Lotus Domino, and Novell GroupWise
* BlackBerry Enterprise Server version 5.0.0 for Microsoft Exchange and IBM Lotus Domino
* BlackBerry Enterprise Server version 4.1.7 for Microsoft Exchange, IBM Lotus Domino, and Novell GroupWise
* BlackBerry Enterprise Server version 4.1.6 for Microsoft Exchange, IBM Lotus Domino, and Novell GroupWise
* BlackBerry Update
