Lucene search

MitreCVE-2010-2601

HistoryOct 14, 2010 - 6:00 p.m.

CVE-2010-2601

2010-10-1418:00:03

CWE-119

mitre

web.nvd.nist.gov

cve-2010-2601

pdf distiller

blackberry

buffer overflows

bes

remote attackers

denial of service

arbitrary code

nvd

CVSS2

7.6

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:C/I:C/A:C

AI Score

8.3

Confidence

High

EPSS

0.005

Percentile

75.5%

JSON

Multiple buffer overflows in the PDF distiller in the Attachment Service component in Research In Motion (RIM) BlackBerry Enterprise Server (BES) software 4.1.7 and earlier and 5.0.0 through 5.0.2, and BlackBerry Professional Software 4.1.4 and earlier, allow user-assisted remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted PDF document.

Affected configurations

Nvd

Node

rimblackberry_enterprise_serverRange≤4.1.7

rimblackberry_enterprise_serverMatch2.2

rimblackberry_enterprise_serverMatch3.6

rimblackberry_enterprise_serverMatch3.6.1

rimblackberry_enterprise_serverMatch4.0

rimblackberry_enterprise_serverMatch4.0sp3

rimblackberry_enterprise_serverMatch4.0.3

rimblackberry_enterprise_serverMatch4.1

rimblackberry_enterprise_serverMatch4.1.3

rimblackberry_enterprise_serverMatch4.1.4

rimblackberry_enterprise_serverMatch4.1.5

rimblackberry_enterprise_serverMatch4.1.6

rimblackberry_enterprise_serverMatch4.1.6mr4

rimblackberry_enterprise_serverMatch5.0.0

rimblackberry_enterprise_serverMatch5.0.1

rimblackberry_enterprise_serverMatch5.0.2

rimblackberry_professional_softwareRange≤4.1.4

VendorProductVersionCPE
rimblackberry_enterprise_server*cpe:2.3:a:rim:blackberry_enterprise_server:*:*:*:*:*:*:*:*
rimblackberry_enterprise_server2.2cpe:2.3:a:rim:blackberry_enterprise_server:2.2:*:*:*:*:*:*:*
rimblackberry_enterprise_server3.6cpe:2.3:a:rim:blackberry_enterprise_server:3.6:*:*:*:*:*:*:*
rimblackberry_enterprise_server3.6.1cpe:2.3:a:rim:blackberry_enterprise_server:3.6.1:*:*:*:*:*:*:*
rimblackberry_enterprise_server4.0cpe:2.3:a:rim:blackberry_enterprise_server:4.0:*:*:*:*:*:*:*
rimblackberry_enterprise_server4.0cpe:2.3:a:rim:blackberry_enterprise_server:4.0:sp3:*:*:*:*:*:*
rimblackberry_enterprise_server4.0.3cpe:2.3:a:rim:blackberry_enterprise_server:4.0.3:*:*:*:*:*:*:*
rimblackberry_enterprise_server4.1cpe:2.3:a:rim:blackberry_enterprise_server:4.1:*:*:*:*:*:*:*
rimblackberry_enterprise_server4.1.3cpe:2.3:a:rim:blackberry_enterprise_server:4.1.3:*:*:*:*:*:*:*
rimblackberry_enterprise_server4.1.4cpe:2.3:a:rim:blackberry_enterprise_server:4.1.4:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
rim	blackberry_enterprise_server	*	cpe:2.3:a:rim:blackberry_enterprise_server::::::::
rim	blackberry_enterprise_server	2.2	cpe:2.3:a:rim:blackberry_enterprise_server:2.2:::::::*
rim	blackberry_enterprise_server	3.6	cpe:2.3:a:rim:blackberry_enterprise_server:3.6:::::::*
rim	blackberry_enterprise_server	3.6.1	cpe:2.3:a:rim:blackberry_enterprise_server:3.6.1:::::::*
rim	blackberry_enterprise_server	4.0	cpe:2.3:a:rim:blackberry_enterprise_server:4.0:::::::*
rim	blackberry_enterprise_server	4.0	cpe:2.3:a:rim:blackberry_enterprise_server:4.0:sp3::::::
rim	blackberry_enterprise_server	4.0.3	cpe:2.3:a:rim:blackberry_enterprise_server:4.0.3:::::::*
rim	blackberry_enterprise_server	4.1	cpe:2.3:a:rim:blackberry_enterprise_server:4.1:::::::*
rim	blackberry_enterprise_server	4.1.3	cpe:2.3:a:rim:blackberry_enterprise_server:4.1.3:::::::*
rim	blackberry_enterprise_server	4.1.4	cpe:2.3:a:rim:blackberry_enterprise_server:4.1.4:::::::*

Rows per page:

1-10 of 171

References

blackberry.com/btsc/KB24547

CVSS2

7.6

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:C/I:C/A:C

AI Score

8.3

Confidence

High

EPSS

0.005

Percentile

75.5%

JSON

Related for CVE-2010-2601