Vulnerabilities > RIM > Blackberry Enterprise Server > 5.0.2
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2011-07-14 | CVE-2011-0287 | Information Disclosure vulnerability in RIM products Unspecified vulnerability in the BlackBerry Administration API in Research In Motion (RIM) BlackBerry Enterprise Server (BES) software 5.0.1 through 5.0.3, and BlackBerry Enterprise Server Express software 5.0.1 through 5.0.3, allows remote attackers to read text files or cause a denial of service via unknown vectors. | 6.4 |
| 2011-04-18 | CVE-2011-0286 | Cross-Site Scripting vulnerability in RIM products Cross-site scripting (XSS) vulnerability in webdesktop/app in the BlackBerry Web Desktop Manager component in Research In Motion (RIM) BlackBerry Enterprise Server (BES) software before 5.0.2 MR5 and 5.0.3 before MR1, and BlackBerry Enterprise Server Express software 5.0.1 and 5.0.2, allows remote attackers to inject arbitrary web script or HTML via the displayErrorMessage parameter in a ManageDevices action. | 4.3 |
| 2011-01-13 | CVE-2010-2604 | Buffer Errors vulnerability in RIM products Multiple buffer overflows in the PDF Distiller in the BlackBerry Attachment Service component in Research In Motion (RIM) BlackBerry Enterprise Server 4.1.3 through 5.0.2, and Enterprise Server Express 5.0.1 and 5.0.2, allow remote attackers to execute arbitrary code via a crafted PDF file. | 9.3 |
| 2010-12-17 | CVE-2010-2602 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in RIM Blackberry Enterprise Server Multiple buffer overflows in the PDF distiller component in the BlackBerry Attachment Service in BlackBerry Enterprise Server 5.0.0 through 5.0.2, 4.1.6, and 4.1.7 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PDF document. | 6.8 |
| 2010-10-14 | CVE-2010-2601 | Buffer Errors vulnerability in RIM products Multiple buffer overflows in the PDF distiller in the Attachment Service component in Research In Motion (RIM) BlackBerry Enterprise Server (BES) software 4.1.7 and earlier and 5.0.0 through 5.0.2, and BlackBerry Professional Software 4.1.4 and earlier, allow user-assisted remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted PDF document. | 7.6 |