CVE-2009-0307 – BlackBerry Enterprise Server 4.0/4.1 - MDS Connection Service Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2009-0307
Cross-site scripting (XSS) vulnerability in the "Customize Statistics Page" (admin/statistics/ConfigureStatistics) in the MDS Connection Service in Research in Motion (RIM) BlackBerry Enterprise Server (BES) before 4.1.6 MR5 allows remote attackers to inject arbitrary web script or HTML via the (1) customDate, (2) interval, (3) lastCustomInterval, (4) lastIntervalLength, (5) nextCustomInterval, (6) nextIntervalLength, (7) action, (8) delIntervalIndex, (9) addStatIndex, (10) delStatIndex, and (11) referenceTime parameters. Una Vulnerabilidad de tipo Cross-Site Scripting (XSS) en la "Customize Statistics Page" (admin/statistics/ConfigureStatistics) en el servicio de conexión MDS en Research in Motion (RIM) BlackBerry Enterprise Server (BES) anterior a versión 4.1.6 MR5 permite a atacantes remotos inyectar script web o HTML arbitrario por medio de los parámetros (1) customDate, (2) interval, (3) lastCustomInterval, (4) lastIntervalLength, (5) nextCustomInterval, (6) nextIntervalLength, (7) action, (8) delIntervalIndex, (9) addStatIndex, (10) delStatIndex, y (11) referenceTime. • https://www.exploit-db.com/exploits/32927 http://archives.neohapsis.com/archives/fulldisclosure/2009-04/0170.html http://osvdb.org/53772 http://secunia.com/advisories/34740 http://www.blackberry.com/btsc/dynamickc.do?externalId=KB17969&sliceID=1&command=show&forward=nonthreadedKC&kcId=KB17969 http://www.securityfocus.com/bid/34573 http://www.securitytracker.com/id?1022081 http://www.vupen.com/english/advisories/2009/1090 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2009-0219
https://notcve.org/view.php?id=CVE-2009-0219
The PDF distiller in the Attachment Service in Research in Motion (RIM) BlackBerry Enterprise Server (BES) 4.1.3 through 4.1.6, BlackBerry Professional Software 4.1.4, and BlackBerry Unite! before 1.0.3 bundle 28 performs delete operations on uninitialized pointers, which allows user-assisted remote attackers to execute arbitrary code via a crafted data stream in a .pdf file. El PDF distiller en el servicio Attachment en Research in Motion (RIM) BlackBerry Enterprise Server (BES) v4.1.3 hasta v4.1.6, BlackBerry Professional Software v4.1.4, y BlackBerry Unite! anteriores a v1.0.3 bundle 28 realiza operaciones de borrado en punteros sin inicializar, lo que permite a atacantes remotos ayudados por el usuario ejecutar código de su elección a través de una secuencia de datos manipulada en un fichero .pdf. • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=766 http://secunia.com/advisories/33534 http://www.blackberry.com/btsc/search.do?cmd=displayKC&docType=kc&externalId=KB17118 http://www.blackberry.com/btsc/search.do?cmd=displayKC&docType=kc&externalId=KB17119 http://www.securityfocus.com/bid/33250 http://www.securitytracker.com/id?1021559 • CWE-399: Resource Management Errors •
CVE-2009-0176
https://notcve.org/view.php?id=CVE-2009-0176
Multiple heap-based buffer overflows in the PDF distiller in the Attachment Service in Research in Motion (RIM) BlackBerry Enterprise Server (BES) 4.1.3 through 4.1.6, BlackBerry Professional Software 4.1.4, and BlackBerry Unite! before 1.0.3 bundle 28 allow user-assisted remote attackers to execute arbitrary code via (1) a crafted stream in a .pdf file, related to "symWidths"; or (2) a crafted data stream in a .pdf file, related to "bitmaps." Múltiples desbordamientos de búfer basados en montículo en PDF distiller en el Servicio de Adjuntar en Research in Motion (RIM) Blackberry Enterprise Server (BES) v4.1.3 hasta 4.1.6, Blackberry Professional Software v4.1.4, y blackberry Unite! anteriores a v1.0.3 bundle 28, permite a atacantes remotos asistidos por usuarios, ejecutar código de su elección a a través (1)cadena manípulada en un fichero .PDF, relativo a "symWidths"; o (2) a cadenas de datos manipulada en un fichero .PDF, relativo a "bitmaps". • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=764 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=765 http://secunia.com/advisories/33534 http://www.blackberry.com/btsc/search.do?cmd=displayKC&docType=kc&externalId=KB17118 http://www.blackberry.com/btsc/search.do?cmd=displayKC&docType=kc&externalId=KB17119 http://www.securityfocus.com/bid/33224 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2008-3246
https://notcve.org/view.php?id=CVE-2008-3246
Unspecified vulnerability in the PDF distiller component in the BlackBerry Attachment Service in BlackBerry Unite! 1.0 SP1 (1.0.1) before bundle 36 and BlackBerry Enterprise Server 4.1 SP3 (4.1.3) through 4.1 SP5 (4.1.5) allows user-assisted remote attackers to execute arbitrary code via a crafted PDF file attachment. Vulnerabilidad sin especificar en el componente PDF distiller en el BlackBerry Attachment Service en BlackBerry Unite! 1.0 SP1 (1.0.1) anterior a bundle 36 y BlackBerry Enterprise Server 4.1 SP3 (4.1.3) a la v4.1 SP5 (4.1.5), permite atacantes remotos asistidos por el usuario ejecutar códigod e su elección a través de un fichero PDF adjunto manipulado. • http://secunia.com/advisories/31092 http://secunia.com/advisories/31141 http://www.blackberry.com/btsc/articles/635/KB15770_f.SAL_Public.html http://www.blackberry.com/btsc/articles/660/KB15766_f.SAL_Public.html http://www.kb.cert.org/vuls/id/289235 http://www.securitytracker.com/id?1020505 http://www.vupen.com/english/advisories/2008/2108/references https://exchange.xforce.ibmcloud.com/vulnerabilities/43840 https://exchange.xforce.ibmcloud.com/vulnerabilities/43843 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVE-2006-5489
https://notcve.org/view.php?id=CVE-2006-5489
Research in Motion (RIM) BlackBerry Enterprise Server 4.1 SP2 before Hotfix 1 for IBM Lotus Domino might allow attackers with meeting organizer privileges to cause a denial of service (application hang) via a deleted recurrent meeting instance when changing the attendee's calendar meeting time. Investigaciones sobre el Motion (RIM) BlackBerry Enterprise Server 4.1 SP2 anterior al Hotfix 1 para IBM Lotus Domino pueden permitir a atacantes remotos, con privilegios de organizador de eventos, causar la denegación de servicio (colgar la aplicación) a través del borrado de una convocatoria de reunión periódica cuando cambian la hora de encuentro en el calendario de los asistentes. • http://secunia.com/advisories/22408 http://securitytracker.com/id?1017101 http://www.blackberry.com/knowledgecenterpublic/livelink.exe/4.1.2_HF1_Release_Notes?func=doc.Fetch&nodeId=1276788 http://www.osvdb.org/29897 http://www.vupen.com/english/advisories/2006/4133 https://exchange.xforce.ibmcloud.com/vulnerabilities/29678 •