CVE-2009-0219

Опубликовано: 21 янв. 2009

Источник: nvd

CVSS2: 9.3

EPSS Низкий

Описание

The PDF distiller in the Attachment Service in Research in Motion (RIM) BlackBerry Enterprise Server (BES) 4.1.3 through 4.1.6, BlackBerry Professional Software 4.1.4, and BlackBerry Unite! before 1.0.3 bundle 28 performs delete operations on uninitialized pointers, which allows user-assisted remote attackers to execute arbitrary code via a crafted data stream in a .pdf file.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:research_in_motion_limited:blackberry_enterprise_server:4.1.3:*:*:*:*:*:*:*

cpe:2.3:a:research_in_motion_limited:blackberry_enterprise_server:4.1.4:*:*:*:*:*:*:*

cpe:2.3:a:research_in_motion_limited:blackberry_enterprise_server:4.1.5:*:*:*:*:*:*:*

cpe:2.3:a:research_in_motion_limited:blackberry_enterprise_server:4.1.6:*:*:*:*:*:*:*

cpe:2.3:a:research_in_motion_limited:blackberry_professional_software:4.1.4:*:*:*:*:*:*:*

cpe:2.3:a:research_in_motion_limited:blackberry_unite:*:*:*:*:*:*:*:*

Версия до 1.0.3 (включая)

cpe:2.3:a:research_in_motion_limited:blackberry_unite:1.0:*:*:*:*:*:*:*

cpe:2.3:a:research_in_motion_limited:blackberry_unite:1.0.1:*:*:*:*:*:*:*

cpe:2.3:a:research_in_motion_limited:blackberry_unite:1.0.2:*:*:*:*:*:*:*

EPSS

Процентиль: 89%

0.04314

Низкий

9.3 Critical

CVSS2

Дефекты

CWE-399

Связанные уязвимости

GHSA-mmxm-qr72-x76h

github

почти 4 года назад