CVE-2010-2601

Multiple buffer overflows in the PDF distiller in the Attachment Service component in Research In Motion (RIM) BlackBerry Enterprise Server (BES) software 4.1.7 and earlier and 5.0.0 through 5.0.2, and BlackBerry Professional Software 4.1.4 and earlier, allow user-assisted remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted PDF document.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.6 UNKNOWN
NETWORK
HIGH
AV:N/AC:H/Au:N/C:C/I:C/A:C
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 88%
VendorProductVersion
rimblackberry_enterprise_server
𝑥
≤ 4.1.7
rimblackberry_enterprise_server
2.2
rimblackberry_enterprise_server
3.6
rimblackberry_enterprise_server
3.6.1
rimblackberry_enterprise_server
4.0
rimblackberry_enterprise_server
4.0:sp3
rimblackberry_enterprise_server
4.0.3
rimblackberry_enterprise_server
4.1
rimblackberry_enterprise_server
4.1.3
rimblackberry_enterprise_server
4.1.4
rimblackberry_enterprise_server
4.1.5
rimblackberry_enterprise_server
4.1.6
rimblackberry_enterprise_server
4.1.6:mr4
rimblackberry_enterprise_server
5.0.0
rimblackberry_enterprise_server
5.0.1
rimblackberry_enterprise_server
5.0.2
rimblackberry_professional_software
𝑥
≤ 4.1.4
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://blackberry.com/btsc/KB24547
http://blackberry.com/btsc/KB24547