CVE-2009-0219

The PDF distiller in the Attachment Service in Research in Motion (RIM) BlackBerry Enterprise Server (BES) 4.1.3 through 4.1.6, BlackBerry Professional Software 4.1.4, and BlackBerry Unite! before 1.0.3 bundle 28 performs delete operations on uninitialized pointers, which allows user-assisted remote attackers to execute arbitrary code via a crafted data stream in a .pdf file.
Severity
UNKNOWN
AV:N/AC:M/Au:N/C:C/I:C/A:C
Atk. Vector
NETWORK
Atk. Complexity
MEDIUM
Base Score
CVSS 3.x
EPSS Score
Percentile: 94%
VendorProductVersion
research_in_motion_limitedblackberry_enterprise_server
4.1.3
research_in_motion_limitedblackberry_enterprise_server
4.1.4
research_in_motion_limitedblackberry_enterprise_server
4.1.5
research_in_motion_limitedblackberry_enterprise_server
4.1.6
research_in_motion_limitedblackberry_professional_software
4.1.4
research_in_motion_limitedblackberry_unite
𝑥
≤ 1.0.3
research_in_motion_limitedblackberry_unite
1.0
research_in_motion_limitedblackberry_unite
1.0.1
research_in_motion_limitedblackberry_unite
1.0.2
𝑥
= Vulnerable software versions
Common Weakness Enumeration