CVE-2009-2646

Published: Jul 30, 2009Modified: Apr 23, 2026

9.3

Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Exploitability: 8.6 / Impact: 10.0

Source: NVD

Description

Multiple unspecified vulnerabilities in the PDF distiller in the Attachment Service component in Research In Motion (RIM) BlackBerry Enterprise Server (BES) software 4.1.3 through 4.1.6 and BlackBerry Professional Software 4.1.4 allow user-assisted remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted .pdf file attachment, a different vulnerability than CVE-2008-3246 and CVE-2009-0219.

Affected (10)

Products: Rim: Blackberry Enterprise Server, Blackberry Professional Software

Rim

2 products

Blackberry Enterprise Server

Blackberry Professional Software

Configuration A

10 vulnerable

Vulnerable Software	Affected Versions
Rim Blackberry Enterprise Server	Version 4.1.3
Rim Blackberry Enterprise Server	Version 4.1.4
Rim Blackberry Enterprise Server	Version 4.1.5
Rim Blackberry Enterprise Server	Version 4.1.6
Rim Blackberry Enterprise Server	Version 4.1.6 mr4
Rim Blackberry Enterprise Server	Version 4.1
Rim Blackberry Enterprise Server	Version 4.1 sp2
Rim Blackberry Enterprise Server	Version 4.1 sp2
Rim Blackberry Enterprise Server	Version 4.1 sp3
Rim Blackberry Professional Software	Version 4.1.4

References (2)

http://www.blackberry.com/btsc/KB17953

Source: cve@mitre.org

PatchVendor Advisory

http://www.blackberry.com/btsc/KB17953

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

Timeline

No history available yet.