Vulnerabilities > RIM > Blackberry Enterprise Server

DATE CVE VULNERABILITY TITLE RISK
2008-07-21 CVE-2008-3246 Code Injection vulnerability in multiple products
Unspecified vulnerability in the PDF distiller component in the BlackBerry Attachment Service in BlackBerry Unite! 1.0 SP1 (1.0.1) before bundle 36 and BlackBerry Enterprise Server 4.1 SP3 (4.1.3) through 4.1 SP5 (4.1.5) allows user-assisted remote attackers to execute arbitrary code via a crafted PDF file attachment.
network
blackberry rim CWE-94
critical
9.3
2007-06-28 CVE-2007-3483 Remote Security vulnerability in Blackberry Enterprise Server 4.0/4.1
Research in Motion BlackBerry Enterprise Server 4.0 through 4.1 has a default configuration that permits installation of arbitrary third-party applications on BlackBerry devices, which might facilitate loading of malware.
network
low complexity
rim
critical
10.0
2006-10-25 CVE-2006-5489 Denial-Of-Service vulnerability in Blackberry Enterprise Server
Research in Motion (RIM) BlackBerry Enterprise Server 4.1 SP2 before Hotfix 1 for IBM Lotus Domino might allow attackers with meeting organizer privileges to cause a denial of service (application hang) via a deleted recurrent meeting instance when changing the attendee's calendar meeting time.
network
low complexity
rim
5.0
2006-02-18 CVE-2006-0761 Buffer Overflow vulnerability in BlackBerry Enterprise Server Malformed Word Attachment
Buffer overflow in BlackBerry Attachment Service in Research in Motion (RIM) BlackBerry Enterprise Server 2.2 and 4.0 before SP3 Hotfix 4 for IBM Lotus Domino, 3.6 before SP7 and 5.0 before SP3 Hotfix 3 for Microsoft Exchangem, and 4.0 for Novell GroupWise before SP3 Hotfix 1 might allow user-assisted remote attackers to execute arbitrary code on the server via a crafted Microsoft Word document that is opened on a wireless device.
network
high complexity
rim
5.1
2005-12-31 CVE-2005-2344 Buffer Errors vulnerability in RIM Blackberry Enterprise Server 4.0/4.0Sp1/4.0Sp2
The BlackBerry Attachment Service in Research in Motion (RIM) BlackBerry Enterprise Server (BES) 4.0 to version 4.0 Service Pack 2 allows attackers to cause a denial of service via a malformed Portable Network Graphics (PNG) file that triggers a heap-based buffer overflow.
network
low complexity
rim CWE-119
5.0
2005-12-31 CVE-2005-2342 Denial Of Service vulnerability in Blackberry Enterprise Server Router SRP Packet
Research in Motion (RIM) BlackBerry Router allows remote attackers to cause a denial of service (communication disruption) via crafted Server Routing Protocol (SRP) packets.
network
low complexity
rim
7.8
2005-12-31 CVE-2005-2341 Buffer Errors vulnerability in RIM products
Heap-based buffer overflow in Research in Motion (RIM) BlackBerry Attachment Service allows remote attackers to cause a denial of service (hang) via an e-mail attachment with a crafted TIFF file.
network
low complexity
rim CWE-119
7.5