Current Activity - Research In Motion Releases Advisory for BlackBerry PDF Distiller Vulnerabilities

[Current Activity <us-cert () us-cert gov>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

US-CERT Current Activity

Research In Motion Releases Advisory for BlackBerry PDF Distiller Vulnerabilities

Original release date: December 1, 2009 at 1:58 pm
Last revised: December 1, 2009 at 1:58 pm


Research In Motion has released a security advisory to address
multiple vulnerabilities in the PDF distiller of some released
versions of the BlackBerry Attachment Service. The advisory lists the
affected versions as BlackBerry Enterprise Server 5.0.0 running on
Microsoft Windows version 2003 or 2008, BlackBerry Enterprise Server
5.0.0 running on Microsoft Windows 2000, BlackBerry Enterprise Server
software versions 4.1.3 through 4.1.7, and BlackBerry Professional
Software 4.1.4. By convincing a user to view a specially crafted PDF
file, an attacker may be able to execute arbitrary code or cause a
denial-of-service condition on the system that hosts the BlackBerry
Attachment Service.

US-CERT encourages users and administrators to review BlackBerry
security advisory KB19860 and apply any necessary updates.

Relevant Url(s):
<http://www.blackberry.com/btsc/search.do?cmd=displayKC&docType=kc&externalId=KB19860>

====
This entry is available at
http://www.us-cert.gov/current/index.html#research_in_motion_releases_advisory1

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)

iQEVAwUBSxVqtNucaIvSvh1ZAQKRvAgAtmNNat6Mg4xET1FD03n9wEqmqJEv/L2Q
7iROYdsAeAaffzZDTGk98E7AkwM0cxqwlrXWfyyRcP0cxlMqLrElkczDBozcEUri
rcTtL4jmHke7z2TULdea5EtexjYxsvkDtZncQgXM+K47A6FZX1t2LOE8swmYet/H
BNNck958PabWN/LQDRAWRho6D3FOsBOGJ6BGSPGe2pqJqJVnikapyDkPG25/q4dG
VrhRTgPzEs0MdDGQJ5iTN4rJdVukcOfFosYlh+F8+aWzizbqYd/c8wKikVOasDUU
L+TjoWb3/AdBk+4Qc8mF8XLQ05mrAlLpa38kV+Eg4BMI25f66UP7fg==
=4wze
-----END PGP SIGNATURE-----