CVE-2008-3246
Severity Score
9.3
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Unspecified vulnerability in the PDF distiller component in the BlackBerry Attachment Service in BlackBerry Unite! 1.0 SP1 (1.0.1) before bundle 36 and BlackBerry Enterprise Server 4.1 SP3 (4.1.3) through 4.1 SP5 (4.1.5) allows user-assisted remote attackers to execute arbitrary code via a crafted PDF file attachment.
Vulnerabilidad sin especificar en el componente PDF distiller en el BlackBerry Attachment Service en BlackBerry Unite! 1.0 SP1 (1.0.1) anterior a bundle 36 y BlackBerry Enterprise Server 4.1 SP3 (4.1.3) a la v4.1 SP5 (4.1.5), permite atacantes remotos asistidos por el usuario ejecutar códigod e su elección a través de un fichero PDF adjunto manipulado.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2008-07-21 CVE Reserved
- 2008-07-21 CVE Published
- 2023-12-25 EPSS Updated
- 2024-08-07 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-94: Improper Control of Generation of Code ('Code Injection')
CAPEC
References (9)
| URL | Tag | Source |
|---|---|---|
| http://secunia.com/advisories/31141 | Third Party Advisory | |
| http://www.blackberry.com/btsc/articles/635/KB15770_f.SAL_Public.html | X_refsource_confirm | |
| http://www.blackberry.com/btsc/articles/660/KB15766_f.SAL_Public.html | X_refsource_confirm | |
| http://www.kb.cert.org/vuls/id/289235 | Third Party Advisory |
|
| http://www.securitytracker.com/id?1020505 | Vdb Entry | |
| http://www.vupen.com/english/advisories/2008/2108/references | Vdb Entry | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/43840 | Vdb Entry | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/43843 | Vdb Entry |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://secunia.com/advisories/31092 | 2017-08-08 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Blackberry Search vendor "Blackberry" | Enterprise Server Search vendor "Blackberry" for product "Enterprise Server" | 4.1 Search vendor "Blackberry" for product "Enterprise Server" and version "4.1" | sp3 |
Affected
| ||||||
| Blackberry Search vendor "Blackberry" | Enterprise Server Search vendor "Blackberry" for product "Enterprise Server" | 4.1.3 Search vendor "Blackberry" for product "Enterprise Server" and version "4.1.3" | - |
Affected
| ||||||
| Blackberry Search vendor "Blackberry" | Enterprise Server Search vendor "Blackberry" for product "Enterprise Server" | 4.1.4 Search vendor "Blackberry" for product "Enterprise Server" and version "4.1.4" | - |
Affected
| ||||||
| Blackberry Search vendor "Blackberry" | Enterprise Server Search vendor "Blackberry" for product "Enterprise Server" | 4.1.5 Search vendor "Blackberry" for product "Enterprise Server" and version "4.1.5" | - |
Affected
| ||||||
| Blackberry Search vendor "Blackberry" | Unite Search vendor "Blackberry" for product "Unite" | 1.0 Search vendor "Blackberry" for product "Unite" and version "1.0" | sp1 |
Affected
| ||||||
| Blackberry Search vendor "Blackberry" | Unite Search vendor "Blackberry" for product "Unite" | 1.0.1 Search vendor "Blackberry" for product "Unite" and version "1.0.1" | - |
Affected
| ||||||
| Rim Search vendor "Rim" | Blackberry Enterprise Server Search vendor "Rim" for product "Blackberry Enterprise Server" | 4.1.3 Search vendor "Rim" for product "Blackberry Enterprise Server" and version "4.1.3" | - |
Affected
| ||||||
| Rim Search vendor "Rim" | Blackberry Enterprise Server Search vendor "Rim" for product "Blackberry Enterprise Server" | 4.1.4 Search vendor "Rim" for product "Blackberry Enterprise Server" and version "4.1.4" | - |
Affected
| ||||||
| Rim Search vendor "Rim" | Blackberry Enterprise Server Search vendor "Rim" for product "Blackberry Enterprise Server" | 4.1.5 Search vendor "Rim" for product "Blackberry Enterprise Server" and version "4.1.5" | - |
Affected
| ||||||
| Rim Search vendor "Rim" | Blackberry Enterprise Server For Domino Search vendor "Rim" for product "Blackberry Enterprise Server For Domino" | * | - |
Affected
| ||||||
| Rim Search vendor "Rim" | Blackberry Enterprise Server For Exchange Search vendor "Rim" for product "Blackberry Enterprise Server For Exchange" | * | - |
Affected
| ||||||
| Rim Search vendor "Rim" | Blackberry Enterprise Server For Novell Groupwise Search vendor "Rim" for product "Blackberry Enterprise Server For Novell Groupwise" | * | - |
Affected
| ||||||
| Rim Search vendor "Rim" | Blackberry Unite Search vendor "Rim" for product "Blackberry Unite" | 1.0 Search vendor "Rim" for product "Blackberry Unite" and version "1.0" | sp1 |
Affected
| ||||||
| Rim Search vendor "Rim" | Blackberry Unite Search vendor "Rim" for product "Blackberry Unite" | 1.0.1 Search vendor "Rim" for product "Blackberry Unite" and version "1.0.1" | - |
Affected
| ||||||