CVE-2010-2604

EUVD-2010-2608
Multiple buffer overflows in the PDF Distiller in the BlackBerry Attachment Service component in Research In Motion (RIM) BlackBerry Enterprise Server 4.1.3 through 5.0.2, and Enterprise Server Express 5.0.1 and 5.0.2, allow remote attackers to execute arbitrary code via a crafted PDF file.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
9.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:C/I:C/A:C
Base Score
CVSS 3.x
EPSS Score
Percentile: 91%
Affected Products (NVD)
VendorProductVersion
rimblackberry_enterprise_server
4.1.3
rimblackberry_enterprise_server
4.1.4
rimblackberry_enterprise_server
4.1.5
rimblackberry_enterprise_server
4.1.6
rimblackberry_enterprise_server
4.1.6:mr4
rimblackberry_enterprise_server
4.1.7
rimblackberry_enterprise_server
5.0.0
rimblackberry_enterprise_server
5.0.1
rimblackberry_enterprise_server
5.0.2
rimblackberry_enterprise_server_express
5.0.1
rimblackberry_enterprise_server_express
5.0.2
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://osvdb.org/70393
http://secunia.com/advisories/42882
http://www.blackberry.com/btsc/KB25382
http://www.securityfocus.com/bid/45753
http://www.securitytracker.com/id?1024953
http://www.vupen.com/english/advisories/2011/0081
https://exchange.xforce.ibmcloud.com/vulnerabilities/64621
http://osvdb.org/70393
http://secunia.com/advisories/42882
http://www.blackberry.com/btsc/KB25382
http://www.securityfocus.com/bid/45753
http://www.securitytracker.com/id?1024953
http://www.vupen.com/english/advisories/2011/0081
https://exchange.xforce.ibmcloud.com/vulnerabilities/64621