CVSS: 4.3EPSS: 0%CPEs: 6EXPL: 1CVE-2011-0286
https://notcve.org/view.php?id=CVE-2011-0286
Cross-site scripting (XSS) vulnerability in webdesktop/app in the BlackBerry Web Desktop Manager component in Research In Motion (RIM) BlackBerry Enterprise Server (BES) software before 5.0.2 MR5 and 5.0.3 before MR1, and BlackBerry Enterprise Server Express software 5.0.1 and 5.0.2, allows remote attackers to inject arbitrary web script or HTML via the displayErrorMessage parameter in a ManageDevices action. Vulnerabilidad de ejecución de secuencias de comandos en sitios cruzados (XSS) en webdesktop/app en el componente BlackBerry Web Desktop Manager en el software Research In Motion (RIM) BlackBerry Enterprise Server (BES) anterior a v5.0.2 MR5 y v5.0.3 anterior a MR1,y el software BlackBerry Enterprise Server Express v5.0.1 y v5.0.2, permite a atacantes remotos inyectar script o HTML de su elección a través del parámetro displayErrorMessage en una acción ManageDevices. • http://secunia.com/advisories/44183 http://securitytracker.com/id?1025356 http://www.blackberry.com/btsc/KB26296 http://www.cybsec.com/vuln/CYBSEC_Advisory_2011_0401_Cross_Site_Scripting_XSS_in_Blackberry_WebDesktop.pdf http://www.securityfocus.com/bid/47324 http://www.vupen.com/english/advisories/2011/0971 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.3EPSS: 9%CPEs: 11EXPL: 0CVE-2010-2604
https://notcve.org/view.php?id=CVE-2010-2604
Multiple buffer overflows in the PDF Distiller in the BlackBerry Attachment Service component in Research In Motion (RIM) BlackBerry Enterprise Server 4.1.3 through 5.0.2, and Enterprise Server Express 5.0.1 and 5.0.2, allow remote attackers to execute arbitrary code via a crafted PDF file. Múltiples desbordamientos de búfer en PDF Distiller en el componente de BlackBerry Attachment Service de Research In Motion (RIM) BlackBerry Enterprise Server v4.1.3 hasta v5.0.2, y Enterprise Server Express v5.0.1 y v5.0.2, permite a atacantes remotos ejecutar código de su elección a través de un archivo PDF manipulado. • http://osvdb.org/70393 http://secunia.com/advisories/42882 http://www.blackberry.com/btsc/KB25382 http://www.securityfocus.com/bid/45753 http://www.securitytracker.com/id?1024953 http://www.vupen.com/english/advisories/2011/0081 https://exchange.xforce.ibmcloud.com/vulnerabilities/64621 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.8EPSS: 4%CPEs: 5EXPL: 0CVE-2010-2602
https://notcve.org/view.php?id=CVE-2010-2602
Multiple buffer overflows in the PDF distiller component in the BlackBerry Attachment Service in BlackBerry Enterprise Server 5.0.0 through 5.0.2, 4.1.6, and 4.1.7 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PDF document. Múltiples desbordamientos de búfer en el componente PDF Distiller en BlackBerry Attachment Service en BlackBerry Enterprise Server v5.0.0 hasta v5.0.2, v4.1.6, y v4.1.7, permite a atacantes remotos provocar una denegación de servicio (caída de aplicación) o posiblemente la ejecución de código de su elección a través de un documento PDF manipulado. • http://secunia.com/advisories/35632 http://www.blackberry.com/btsc/search.do?cmd=displayKC&docType=kc&externalId=KB24761 http://www.securityfocus.com/bid/45392 http://www.securitytracker.com/id?1024891 http://www.vupen.com/english/advisories/2010/3237 https://exchange.xforce.ibmcloud.com/vulnerabilities/64066 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.6EPSS: 0%CPEs: 17EXPL: 0CVE-2010-2601
https://notcve.org/view.php?id=CVE-2010-2601
Multiple buffer overflows in the PDF distiller in the Attachment Service component in Research In Motion (RIM) BlackBerry Enterprise Server (BES) software 4.1.7 and earlier and 5.0.0 through 5.0.2, and BlackBerry Professional Software 4.1.4 and earlier, allow user-assisted remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted PDF document. Múltiples desbordamientos de búfer en PDF distiller en el componente Attachment Service en Research In Motion (RIM) BlackBerry Enterprise Server (BES) software v4.1.7 and earlier y v5.0.0 hasta v5.0.2, y BlackBerry Professional Software v4.1.4 and earlier, permite a atacantse asistidos por usuarios remotos causar una denegacion de servicio y probablemente ejecutar código de su elección a través de un documento PDF manipulado. • http://blackberry.com/btsc/KB24547 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 7%CPEs: 7EXPL: 0CVE-2009-4778
https://notcve.org/view.php?id=CVE-2009-4778
Multiple unspecified vulnerabilities in the PDF distiller in the Attachment Service component in Research In Motion (RIM) BlackBerry Enterprise Server (BES) software 4.1.3 through 4.1.7 and 5.0.0, and BlackBerry Professional Software 4.1.4, allow user-assisted remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted .pdf file attachment, a different vulnerability than CVE-2008-3246, CVE-2009-0176, CVE-2009-0219, CVE-2009-2643, and CVE-2009-2646. Múltiples vulnerabilidades no especificadas en PDF distiller en el componente Attachment Service en Research In Motion (RIM) BlackBerry Enterprise Server (BES) software v4.1.3 hasta v4.1.7 y v5.0.0, y BlackBerry Professional Software v4.1.4, permite a atacantes remotos asistidos por usuarios causar una denegación de servicio (caída de memoria) o probablemente ejecutar código de su elección a través de un fichero adjunto .pdf manipulado, una vulnerabilidad diferente que CVE-2008-3246, CVE-2009-0176, CVE-2009-0219, CVE-2009-2643, and CVE-2009-2646. • http://secunia.com/advisories/37562 http://www.blackberry.com/btsc/KB19860 http://www.securityfocus.com/bid/37167 http://www.securitytracker.com/id?1023258 http://www.vupen.com/english/advisories/2009/3372 •