CVSS: 7.8EPSS: 4%CPEs: 17EXPL: 0CVE-2010-2601
https://notcve.org/view.php?id=CVE-2010-2601
14 Oct 2010 — Multiple buffer overflows in the PDF distiller in the Attachment Service component in Research In Motion (RIM) BlackBerry Enterprise Server (BES) software 4.1.7 and earlier and 5.0.0 through 5.0.2, and BlackBerry Professional Software 4.1.4 and earlier, allow user-assisted remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted PDF document. Múltiples desbordamientos de búfer en PDF distiller en el componente Attachment Service en Research In Motion (RIM) BlackBerry En... • http://blackberry.com/btsc/KB24547 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 1%CPEs: 10EXPL: 0CVE-2009-2646
https://notcve.org/view.php?id=CVE-2009-2646
30 Jul 2009 — Multiple unspecified vulnerabilities in the PDF distiller in the Attachment Service component in Research In Motion (RIM) BlackBerry Enterprise Server (BES) software 4.1.3 through 4.1.6 and BlackBerry Professional Software 4.1.4 allow user-assisted remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted .pdf file attachment, a different vulnerability than CVE-2008-3246 and CVE-2009-0219. Vulnerabilidad múltiple no especificado en PDF distiller en el... • http://www.blackberry.com/btsc/KB17953 •
CVSS: 6.1EPSS: 3%CPEs: 10EXPL: 2CVE-2009-0307 – BlackBerry Enterprise Server 4.0/4.1 - MDS Connection Service Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2009-0307
22 Apr 2009 — Cross-site scripting (XSS) vulnerability in the "Customize Statistics Page" (admin/statistics/ConfigureStatistics) in the MDS Connection Service in Research in Motion (RIM) BlackBerry Enterprise Server (BES) before 4.1.6 MR5 allows remote attackers to inject arbitrary web script or HTML via the (1) customDate, (2) interval, (3) lastCustomInterval, (4) lastIntervalLength, (5) nextCustomInterval, (6) nextIntervalLength, (7) action, (8) delIntervalIndex, (9) addStatIndex, (10) delStatIndex, and (11) referenceT... • https://www.exploit-db.com/exploits/32927 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0CVE-2007-3483
https://notcve.org/view.php?id=CVE-2007-3483
28 Jun 2007 — Research in Motion BlackBerry Enterprise Server 4.0 through 4.1 has a default configuration that permits installation of arbitrary third-party applications on BlackBerry devices, which might facilitate loading of malware. Research en Motion BlackBerry Enterprise Server 4.0 hasta 4.1 tiene una configuración por defecto que permite la instalación de aplicaciones arbitrarias de terceros en dispositivos BlackBerry, lo cual podría facilitar la carga de malware. • http://www.blackberry.com/btsc/articles/968/KB05499_f.SAL_Public.html •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2006-5489
https://notcve.org/view.php?id=CVE-2006-5489
25 Oct 2006 — Research in Motion (RIM) BlackBerry Enterprise Server 4.1 SP2 before Hotfix 1 for IBM Lotus Domino might allow attackers with meeting organizer privileges to cause a denial of service (application hang) via a deleted recurrent meeting instance when changing the attendee's calendar meeting time. Investigaciones sobre el Motion (RIM) BlackBerry Enterprise Server 4.1 SP2 anterior al Hotfix 1 para IBM Lotus Domino pueden permitir a atacantes remotos, con privilegios de organizador de eventos, causar la denegaci... • http://secunia.com/advisories/22408 •
CVSS: 8.8EPSS: 3%CPEs: 18EXPL: 0CVE-2006-0761
https://notcve.org/view.php?id=CVE-2006-0761
18 Feb 2006 — Buffer overflow in BlackBerry Attachment Service in Research in Motion (RIM) BlackBerry Enterprise Server 2.2 and 4.0 before SP3 Hotfix 4 for IBM Lotus Domino, 3.6 before SP7 and 5.0 before SP3 Hotfix 3 for Microsoft Exchangem, and 4.0 for Novell GroupWise before SP3 Hotfix 1 might allow user-assisted remote attackers to execute arbitrary code on the server via a crafted Microsoft Word document that is opened on a wireless device. • http://www.blackberry.com/knowledgecenterpublic/livelink.exe/fetch/2000/8021/8149/8052/Support_-_Corrupt_Word_file_may_cause_buffer_overflow_in_the_BlackBerry_Attachment_Service.html?nodeid=1181753&vernum=2 •
CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 0CVE-2005-4848
https://notcve.org/view.php?id=CVE-2005-4848
31 Dec 2005 — Buffer overflow in the decompression algorithm in Research in Motion BlackBerry Enterprise Server 4.0 SP1 and earlier before 20050607 might allow remote attackers to execute arbitrary code via certain data packets. • http://blog2.lemondeinformatique.fr/management_du_si/2006/05/notre_ami_imad_.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 1%CPEs: 2EXPL: 0CVE-2005-2341
https://notcve.org/view.php?id=CVE-2005-2341
31 Dec 2005 — Heap-based buffer overflow in Research in Motion (RIM) BlackBerry Attachment Service allows remote attackers to cause a denial of service (hang) via an e-mail attachment with a crafted TIFF file. • http://secunia.com/advisories/18277 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 4%CPEs: 3EXPL: 0CVE-2005-2342
https://notcve.org/view.php?id=CVE-2005-2342
31 Dec 2005 — Research in Motion (RIM) BlackBerry Router allows remote attackers to cause a denial of service (communication disruption) via crafted Server Routing Protocol (SRP) packets. • http://secunia.com/advisories/18277 •
CVSS: 7.5EPSS: 2%CPEs: 3EXPL: 0CVE-2005-2344
https://notcve.org/view.php?id=CVE-2005-2344
31 Dec 2005 — The BlackBerry Attachment Service in Research in Motion (RIM) BlackBerry Enterprise Server (BES) 4.0 to version 4.0 Service Pack 2 allows attackers to cause a denial of service via a malformed Portable Network Graphics (PNG) file that triggers a heap-based buffer overflow. • http://secunia.com/advisories/18393 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •