CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 1CVE-2011-0290
https://notcve.org/view.php?id=CVE-2011-0290
21 Oct 2011 — The BlackBerry Collaboration Service in Research In Motion (RIM) BlackBerry Enterprise Server (BES) 5.0.3 through MR4 for Microsoft Exchange and Lotus Domino allows remote authenticated users to log into arbitrary user accounts associated with the same organization, and send messages, read messages, read contact lists, or cause a denial of service (login unavailability), via unspecified vectors. BlackBerry Collaboration Service en Research In Motion (RIM) BlackBerry Enterprise Server (BES) v5.0.3 a través d... • http://secunia.com/advisories/46370 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.1EPSS: 0%CPEs: 6EXPL: 0CVE-2011-0287
https://notcve.org/view.php?id=CVE-2011-0287
14 Jul 2011 — Unspecified vulnerability in the BlackBerry Administration API in Research In Motion (RIM) BlackBerry Enterprise Server (BES) software 5.0.1 through 5.0.3, and BlackBerry Enterprise Server Express software 5.0.1 through 5.0.3, allows remote attackers to read text files or cause a denial of service via unknown vectors. Vulnerabilidad no especificada en la API de BlackBerry Administration en Research In Motion (RIM) BlackBerry Enterprise Server (BES) en v5.0.1 hasta v5.0.3, y BlackBerry Enterprise Server Expr... • http://secunia.com/advisories/45242 •
CVSS: 6.1EPSS: 0%CPEs: 6EXPL: 1CVE-2011-0286
https://notcve.org/view.php?id=CVE-2011-0286
18 Apr 2011 — Cross-site scripting (XSS) vulnerability in webdesktop/app in the BlackBerry Web Desktop Manager component in Research In Motion (RIM) BlackBerry Enterprise Server (BES) software before 5.0.2 MR5 and 5.0.3 before MR1, and BlackBerry Enterprise Server Express software 5.0.1 and 5.0.2, allows remote attackers to inject arbitrary web script or HTML via the displayErrorMessage parameter in a ManageDevices action. Vulnerabilidad de ejecución de secuencias de comandos en sitios cruzados (XSS) en webdesktop/app en... • http://secunia.com/advisories/44183 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.3EPSS: 7%CPEs: 11EXPL: 0CVE-2010-2604
https://notcve.org/view.php?id=CVE-2010-2604
12 Jan 2011 — Multiple buffer overflows in the PDF Distiller in the BlackBerry Attachment Service component in Research In Motion (RIM) BlackBerry Enterprise Server 4.1.3 through 5.0.2, and Enterprise Server Express 5.0.1 and 5.0.2, allow remote attackers to execute arbitrary code via a crafted PDF file. Múltiples desbordamientos de búfer en PDF Distiller en el componente de BlackBerry Attachment Service de Research In Motion (RIM) BlackBerry Enterprise Server v4.1.3 hasta v5.0.2, y Enterprise Server Express v5.0.1 y v5.... • http://osvdb.org/70393 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 2%CPEs: 5EXPL: 0CVE-2010-2602
https://notcve.org/view.php?id=CVE-2010-2602
17 Dec 2010 — Multiple buffer overflows in the PDF distiller component in the BlackBerry Attachment Service in BlackBerry Enterprise Server 5.0.0 through 5.0.2, 4.1.6, and 4.1.7 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PDF document. Múltiples desbordamientos de búfer en el componente PDF Distiller en BlackBerry Attachment Service en BlackBerry Enterprise Server v5.0.0 hasta v5.0.2, v4.1.6, y v4.1.7, permite a atacantes remotos provocar una denegación de... • http://secunia.com/advisories/35632 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 4%CPEs: 17EXPL: 0CVE-2010-2601
https://notcve.org/view.php?id=CVE-2010-2601
14 Oct 2010 — Multiple buffer overflows in the PDF distiller in the Attachment Service component in Research In Motion (RIM) BlackBerry Enterprise Server (BES) software 4.1.7 and earlier and 5.0.0 through 5.0.2, and BlackBerry Professional Software 4.1.4 and earlier, allow user-assisted remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted PDF document. Múltiples desbordamientos de búfer en PDF distiller en el componente Attachment Service en Research In Motion (RIM) BlackBerry En... • http://blackberry.com/btsc/KB24547 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 3%CPEs: 7EXPL: 0CVE-2009-4778
https://notcve.org/view.php?id=CVE-2009-4778
21 Apr 2010 — Multiple unspecified vulnerabilities in the PDF distiller in the Attachment Service component in Research In Motion (RIM) BlackBerry Enterprise Server (BES) software 4.1.3 through 4.1.7 and 5.0.0, and BlackBerry Professional Software 4.1.4, allow user-assisted remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted .pdf file attachment, a different vulnerability than CVE-2008-3246, CVE-2009-0176, CVE-2009-0219, CVE-2009-2643, and CVE-2009-2646. Múlt... • http://secunia.com/advisories/37562 •
CVSS: 9.3EPSS: 1%CPEs: 10EXPL: 0CVE-2009-2646
https://notcve.org/view.php?id=CVE-2009-2646
30 Jul 2009 — Multiple unspecified vulnerabilities in the PDF distiller in the Attachment Service component in Research In Motion (RIM) BlackBerry Enterprise Server (BES) software 4.1.3 through 4.1.6 and BlackBerry Professional Software 4.1.4 allow user-assisted remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted .pdf file attachment, a different vulnerability than CVE-2008-3246 and CVE-2009-0219. Vulnerabilidad múltiple no especificado en PDF distiller en el... • http://www.blackberry.com/btsc/KB17953 •
CVSS: 9.3EPSS: 5%CPEs: 7EXPL: 0CVE-2009-2643
https://notcve.org/view.php?id=CVE-2009-2643
28 Jul 2009 — Multiple unspecified vulnerabilities in the PDF distiller in the Attachment Service component in Research In Motion (RIM) BlackBerry Enterprise Server (BES) software 4.1.3 through 5.0 and BlackBerry Professional Software 4.1.4 allow user-assisted remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted .pdf file attachment, a different vulnerability than CVE-2008-3246 and CVE-2009-0219. Múltiples vulnerabilidades sin especificar en el componente PDF ... • http://secunia.com/advisories/35254 •
CVSS: 6.1EPSS: 3%CPEs: 10EXPL: 2CVE-2009-0307 – BlackBerry Enterprise Server 4.0/4.1 - MDS Connection Service Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2009-0307
22 Apr 2009 — Cross-site scripting (XSS) vulnerability in the "Customize Statistics Page" (admin/statistics/ConfigureStatistics) in the MDS Connection Service in Research in Motion (RIM) BlackBerry Enterprise Server (BES) before 4.1.6 MR5 allows remote attackers to inject arbitrary web script or HTML via the (1) customDate, (2) interval, (3) lastCustomInterval, (4) lastIntervalLength, (5) nextCustomInterval, (6) nextIntervalLength, (7) action, (8) delIntervalIndex, (9) addStatIndex, (10) delStatIndex, and (11) referenceT... • https://www.exploit-db.com/exploits/32927 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •