CVE-2005-2341

Published: Dec 31, 2005Modified: Apr 16, 2026

7.5

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability: 10.0 / Impact: 6.4

Source: NVD

Description

Heap-based buffer overflow in Research in Motion (RIM) BlackBerry Attachment Service allows remote attackers to cause a denial of service (hang) via an e-mail attachment with a crafted TIFF file.

Affected (2)

Products: Rim: Blackberry Attachment Service, Blackberry Enterprise Server

Rim

2 products

Blackberry Attachment Service

Blackberry Enterprise Server

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Rim Blackberry Attachment Service	Up to 4.0
Rim Blackberry Enterprise Server	Up to 4.0

Related CWEs

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

References (10)

http://secunia.com/advisories/18277

Source: cret@cert.org

PatchVendor Advisory

http://securitytracker.com/id?1015426

Source: cret@cert.org

Patch

http://www.kb.cert.org/vuls/id/570768

Source: cret@cert.org

Third Party AdvisoryUS Government Resource

http://www.securityfocus.com/bid/16098

Source: cret@cert.org

http://www.vupen.com/english/advisories/2006/0011

Source: cret@cert.org

Vendor Advisory

http://secunia.com/advisories/18277