CVSS: 9.3EPSS: 5%CPEs: 7EXPL: 0CVE-2009-2643
https://notcve.org/view.php?id=CVE-2009-2643
28 Jul 2009 — Multiple unspecified vulnerabilities in the PDF distiller in the Attachment Service component in Research In Motion (RIM) BlackBerry Enterprise Server (BES) software 4.1.3 through 5.0 and BlackBerry Professional Software 4.1.4 allow user-assisted remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted .pdf file attachment, a different vulnerability than CVE-2008-3246 and CVE-2009-0219. Múltiples vulnerabilidades sin especificar en el componente PDF ... • http://secunia.com/advisories/35254 •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2009-2575
https://notcve.org/view.php?id=CVE-2009-2575
22 Jul 2009 — The Research In Motion (RIM) BlackBerry 8800 allows remote attackers to cause a denial of service (memory consumption and browser crash) via a large integer value for the length property of a Select object, a related issue to CVE-2009-1692. Research In Motion (RIM) BlackBerry v8800 permite a atacantes remotos causar una denegación de servicio (consumo de memoria y caída del buscador) a través un valor entero grande en la propiedad "length" de un objeto "Select", siendo un asunto relacionado con CVE-2009-169... • http://lists.grok.org.uk/pipermail/full-disclosure/2009-July/069772.html • CWE-399: Resource Management Errors •
CVSS: 6.1EPSS: 3%CPEs: 10EXPL: 2CVE-2009-0307 – BlackBerry Enterprise Server 4.0/4.1 - MDS Connection Service Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2009-0307
22 Apr 2009 — Cross-site scripting (XSS) vulnerability in the "Customize Statistics Page" (admin/statistics/ConfigureStatistics) in the MDS Connection Service in Research in Motion (RIM) BlackBerry Enterprise Server (BES) before 4.1.6 MR5 allows remote attackers to inject arbitrary web script or HTML via the (1) customDate, (2) interval, (3) lastCustomInterval, (4) lastIntervalLength, (5) nextCustomInterval, (6) nextIntervalLength, (7) action, (8) delIntervalIndex, (9) addStatIndex, (10) delStatIndex, and (11) referenceT... • https://www.exploit-db.com/exploits/32927 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.3EPSS: 26%CPEs: 14EXPL: 0CVE-2008-3246
https://notcve.org/view.php?id=CVE-2008-3246
21 Jul 2008 — Unspecified vulnerability in the PDF distiller component in the BlackBerry Attachment Service in BlackBerry Unite! 1.0 SP1 (1.0.1) before bundle 36 and BlackBerry Enterprise Server 4.1 SP3 (4.1.3) through 4.1 SP5 (4.1.5) allows user-assisted remote attackers to execute arbitrary code via a crafted PDF file attachment. Vulnerabilidad sin especificar en el componente PDF distiller en el BlackBerry Attachment Service en BlackBerry Unite! 1.0 SP1 (1.0.1) anterior a bundle 36 y BlackBerry Enterprise Server 4.1 S... • http://secunia.com/advisories/31092 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0CVE-2007-3483
https://notcve.org/view.php?id=CVE-2007-3483
28 Jun 2007 — Research in Motion BlackBerry Enterprise Server 4.0 through 4.1 has a default configuration that permits installation of arbitrary third-party applications on BlackBerry devices, which might facilitate loading of malware. Research en Motion BlackBerry Enterprise Server 4.0 hasta 4.1 tiene una configuración por defecto que permite la instalación de aplicaciones arbitrarias de terceros en dispositivos BlackBerry, lo cual podría facilitar la carga de malware. • http://www.blackberry.com/btsc/articles/968/KB05499_f.SAL_Public.html •
CVSS: 7.5EPSS: 2%CPEs: 2EXPL: 0CVE-2007-3444
https://notcve.org/view.php?id=CVE-2007-3444
27 Jun 2007 — The Research in Motion BlackBerry 7270 with 4.0 SP1 Bundle 83 allows remote attackers to cause a denial of service (blocked call reception) via a malformed SIP invite message, possibly related to multiple format string specifiers in the From field, a spoofed source IP address, and limitations of the function stack frame. The Research in Motion BlackBerry 7270 con 4.0 SP1 Bundle 83 permite a atacantes remotos provocar una denegación de servicio (bloqueo de recepción de llamadas) mediante un mensaje de invita... • http://osvdb.org/37648 •
CVSS: 9.8EPSS: 19%CPEs: 1EXPL: 0CVE-2007-0323
https://notcve.org/view.php?id=CVE-2007-0323
08 May 2007 — Buffer overflow in the SetLanguage function in Research In Motion (RIM) TeamOn Import Object ActiveX control (TOImport.dll) allows remote attackers to execute arbitrary code via unspecified vectors. Desbordamiento de búfer en la función SetLanguage del control ActiveX Research In Motion (RIM) TeamOn Import Object (TOImport.dll) permite a atacantes remotos ejecutar código de su elección vectores no especificados. • http://osvdb.org/35873 •
CVSS: 7.5EPSS: 1%CPEs: 3EXPL: 0CVE-2007-1441
https://notcve.org/view.php?id=CVE-2007-1441
14 Mar 2007 — The 4thPass browser (BlackBerry Browser) on the RIM BlackBerry 8100 (Pearl) before 4.2.1 allows remote attackers to cause a denial of service (temporary functionality loss) via a long href attribute in a link in a WML page. El navegador 4thPass (Navegador BlackBerry) en el BlackBerry 8100 (Pearl) anterior a 4.2.1 de RIM, permite a los atacantes remotos causar una denegación de servicio (pérdida de funcionalidad temporal) por medio de un atributo href largo en un enlace en una página WML. • http://osvdb.org/35030 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2006-5489
https://notcve.org/view.php?id=CVE-2006-5489
25 Oct 2006 — Research in Motion (RIM) BlackBerry Enterprise Server 4.1 SP2 before Hotfix 1 for IBM Lotus Domino might allow attackers with meeting organizer privileges to cause a denial of service (application hang) via a deleted recurrent meeting instance when changing the attendee's calendar meeting time. Investigaciones sobre el Motion (RIM) BlackBerry Enterprise Server 4.1 SP2 anterior al Hotfix 1 para IBM Lotus Domino pueden permitir a atacantes remotos, con privilegios de organizador de eventos, causar la denegaci... • http://secunia.com/advisories/22408 •
CVSS: 8.8EPSS: 3%CPEs: 18EXPL: 0CVE-2006-0761
https://notcve.org/view.php?id=CVE-2006-0761
18 Feb 2006 — Buffer overflow in BlackBerry Attachment Service in Research in Motion (RIM) BlackBerry Enterprise Server 2.2 and 4.0 before SP3 Hotfix 4 for IBM Lotus Domino, 3.6 before SP7 and 5.0 before SP3 Hotfix 3 for Microsoft Exchangem, and 4.0 for Novell GroupWise before SP3 Hotfix 1 might allow user-assisted remote attackers to execute arbitrary code on the server via a crafted Microsoft Word document that is opened on a wireless device. • http://www.blackberry.com/knowledgecenterpublic/livelink.exe/fetch/2000/8021/8149/8052/Support_-_Corrupt_Word_file_may_cause_buffer_overflow_in_the_BlackBerry_Attachment_Service.html?nodeid=1181753&vernum=2 •