Vulnerabilities > RIM > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2009-09-01 | CVE-2009-3038 | Denial-Of-Service vulnerability in Lotus Notes Connector A certain ActiveX control in lnresobject.dll 7.1.1.119 in the Research In Motion (RIM) Lotus Notes connector for BlackBerry Desktop Manager 5.0.0.11 allows remote attackers to cause a denial of service (Internet Explorer crash) by referencing the control's CLSID in the classid attribute of an OBJECT element. | 4.3 |
| 2009-04-22 | CVE-2009-0307 | Cross-Site Scripting vulnerability in RIM Blackberry Enterprise Server Cross-site scripting (XSS) vulnerability in the "Customize Statistics Page" (admin/statistics/ConfigureStatistics) in the MDS Connection Service in Research in Motion (RIM) BlackBerry Enterprise Server (BES) before 4.1.6 MR5 allows remote attackers to inject arbitrary web script or HTML via the (1) customDate, (2) interval, (3) lastCustomInterval, (4) lastIntervalLength, (5) nextCustomInterval, (6) nextIntervalLength, (7) action, (8) delIntervalIndex, (9) addStatIndex, (10) delStatIndex, and (11) referenceTime parameters. | 4.3 |
| 2007-03-14 | CVE-2007-1441 | Improper Input Validation vulnerability in RIM Blackberry, Blackberry 8100 and Blackberry Browser The 4thPass browser (BlackBerry Browser) on the RIM BlackBerry 8100 (Pearl) before 4.2.1 allows remote attackers to cause a denial of service (temporary functionality loss) via a long href attribute in a link in a WML page. | 4.3 |
| 2006-10-25 | CVE-2006-5489 | Denial-Of-Service vulnerability in Blackberry Enterprise Server Research in Motion (RIM) BlackBerry Enterprise Server 4.1 SP2 before Hotfix 1 for IBM Lotus Domino might allow attackers with meeting organizer privileges to cause a denial of service (application hang) via a deleted recurrent meeting instance when changing the attendee's calendar meeting time. | 5.0 |
| 2006-02-18 | CVE-2006-0761 | Buffer Overflow vulnerability in BlackBerry Enterprise Server Malformed Word Attachment Buffer overflow in BlackBerry Attachment Service in Research in Motion (RIM) BlackBerry Enterprise Server 2.2 and 4.0 before SP3 Hotfix 4 for IBM Lotus Domino, 3.6 before SP7 and 5.0 before SP3 Hotfix 3 for Microsoft Exchangem, and 4.0 for Novell GroupWise before SP3 Hotfix 1 might allow user-assisted remote attackers to execute arbitrary code on the server via a crafted Microsoft Word document that is opened on a wireless device. | 5.1 |
| 2005-12-31 | CVE-2005-2344 | Buffer Errors vulnerability in RIM Blackberry Enterprise Server 4.0/4.0Sp1/4.0Sp2 The BlackBerry Attachment Service in Research in Motion (RIM) BlackBerry Enterprise Server (BES) 4.0 to version 4.0 Service Pack 2 allows attackers to cause a denial of service via a malformed Portable Network Graphics (PNG) file that triggers a heap-based buffer overflow. | 5.0 |