CVE-2007-3444
https://notcve.org/view.php?id=CVE-2007-3444
The Research in Motion BlackBerry 7270 with 4.0 SP1 Bundle 83 allows remote attackers to cause a denial of service (blocked call reception) via a malformed SIP invite message, possibly related to multiple format string specifiers in the From field, a spoofed source IP address, and limitations of the function stack frame. The Research in Motion BlackBerry 7270 con 4.0 SP1 Bundle 83 permite a atacantes remotos provocar una denegación de servicio (bloqueo de recepción de llamadas) mediante un mensaje de invitación SIP • http://osvdb.org/37648 http://secunia.com/advisories/25824 http://www.blackberry.com/btsc/articles/225/KB12700_f.SAL_Public.html http://www.kb.cert.org/vuls/id/785257 http://www.securityfocus.com/bid/24548 http://www.sipera.com/index.php?action=resources%2Cthreat_advisory&tid=211& https://exchange.xforce.ibmcloud.com/vulnerabilities/35074 •
CVE-2007-0323
https://notcve.org/view.php?id=CVE-2007-0323
Buffer overflow in the SetLanguage function in Research In Motion (RIM) TeamOn Import Object ActiveX control (TOImport.dll) allows remote attackers to execute arbitrary code via unspecified vectors. Desbordamiento de búfer en la función SetLanguage del control ActiveX Research In Motion (RIM) TeamOn Import Object (TOImport.dll) permite a atacantes remotos ejecutar código de su elección vectores no especificados. • http://osvdb.org/35873 http://secunia.com/advisories/25218 http://www.blackberry.com/btsc/articles/74/KB13142_f.SAL_Public.html http://www.kb.cert.org/vuls/id/869641 http://www.securityfocus.com/archive/1/468871/100/200/threaded http://www.securityfocus.com/bid/23331 http://www.us-cert.gov/cas/techalerts/TA07-128A.html http://www.vupen.com/english/advisories/2007/1716 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-027 https://excha •
CVE-2007-1441
https://notcve.org/view.php?id=CVE-2007-1441
The 4thPass browser (BlackBerry Browser) on the RIM BlackBerry 8100 (Pearl) before 4.2.1 allows remote attackers to cause a denial of service (temporary functionality loss) via a long href attribute in a link in a WML page. El navegador 4thPass (Navegador BlackBerry) en el BlackBerry 8100 (Pearl) anterior a 4.2.1 de RIM, permite a los atacantes remotos causar una denegación de servicio (pérdida de funcionalidad temporal) por medio de un atributo href largo en un enlace en una página WML. • http://osvdb.org/35030 http://securityreason.com/securityalert/2434 http://www.blackberry.com/btsc/articles/923/KB12577_f.SAL_Public.html http://www.kb.cert.org/vuls/id/282856 http://www.securityfocus.com/archive/1/462589/100/0/threaded http://www.securityfocus.com/archive/1/462701/100/0/threaded http://www.securitytracker.com/id?1017748 http://www.vupen.com/english/advisories/2007/0945 • CWE-20: Improper Input Validation •
CVE-2006-5489
https://notcve.org/view.php?id=CVE-2006-5489
Research in Motion (RIM) BlackBerry Enterprise Server 4.1 SP2 before Hotfix 1 for IBM Lotus Domino might allow attackers with meeting organizer privileges to cause a denial of service (application hang) via a deleted recurrent meeting instance when changing the attendee's calendar meeting time. Investigaciones sobre el Motion (RIM) BlackBerry Enterprise Server 4.1 SP2 anterior al Hotfix 1 para IBM Lotus Domino pueden permitir a atacantes remotos, con privilegios de organizador de eventos, causar la denegación de servicio (colgar la aplicación) a través del borrado de una convocatoria de reunión periódica cuando cambian la hora de encuentro en el calendario de los asistentes. • http://secunia.com/advisories/22408 http://securitytracker.com/id?1017101 http://www.blackberry.com/knowledgecenterpublic/livelink.exe/4.1.2_HF1_Release_Notes?func=doc.Fetch&nodeId=1276788 http://www.osvdb.org/29897 http://www.vupen.com/english/advisories/2006/4133 https://exchange.xforce.ibmcloud.com/vulnerabilities/29678 •
CVE-2006-0761
https://notcve.org/view.php?id=CVE-2006-0761
Buffer overflow in BlackBerry Attachment Service in Research in Motion (RIM) BlackBerry Enterprise Server 2.2 and 4.0 before SP3 Hotfix 4 for IBM Lotus Domino, 3.6 before SP7 and 5.0 before SP3 Hotfix 3 for Microsoft Exchangem, and 4.0 for Novell GroupWise before SP3 Hotfix 1 might allow user-assisted remote attackers to execute arbitrary code on the server via a crafted Microsoft Word document that is opened on a wireless device. • http://www.blackberry.com/knowledgecenterpublic/livelink.exe/fetch/2000/8021/8149/8052/Support_-_Corrupt_Word_file_may_cause_buffer_overflow_in_the_BlackBerry_Attachment_Service.html?nodeid=1181753&vernum=2 http://www.securityfocus.com/archive/1/424728/100/0/threaded http://www.securityfocus.com/bid/16590 http://www.vupen.com/english/advisories/2006/0530 https://exchange.xforce.ibmcloud.com/vulnerabilities/24629 •