CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2009-0176

Multiple heap-based buffer overflows in the PDF distiller in the Attachment Service in Research in Motion (RIM) BlackBerry Enterprise Server (BES) 4.1.3 through 4.1.6, BlackBerry Professional Software 4.1.4, and BlackBerry Unite! before 1.0.3 bundle 28 allow user-assisted remote attackers to execute arbitrary code via (1) a crafted stream in a .pdf file, related to "symWidths"; or (2) a crafted data stream in a .pdf file, related to "bitmaps."

Exploit prediction scoring system (EPSS) score

EPSS Score 0.058

EPSS Ranking 90.0%

CVSS Severity

CVSS v2 Score 9.3

References

Products affected by CVE-2009-0176

Research In Motion Limited » Blackberry Enterprise Server » Version: 4.1.3

cpe:2.3:a:research_in_motion_limited:blackberry_enterprise_server:4.1.3
Research In Motion Limited » Blackberry Enterprise Server » Version: 4.1.4

cpe:2.3:a:research_in_motion_limited:blackberry_enterprise_server:4.1.4
Research In Motion Limited » Blackberry Enterprise Server » Version: 4.1.5

cpe:2.3:a:research_in_motion_limited:blackberry_enterprise_server:4.1.5
Research In Motion Limited » Blackberry Enterprise Server » Version: 4.1.6

cpe:2.3:a:research_in_motion_limited:blackberry_enterprise_server:4.1.6
Research In Motion Limited » Blackberry Professional Software » Version: 4.1.4

cpe:2.3:a:research_in_motion_limited:blackberry_professional_software:4.1.4
Research In Motion Limited » Blackberry Unite » Version: Any

cpe:2.3:a:research_in_motion_limited:blackberry_unite:*
Research In Motion Limited » Blackberry Unite » Version: 1.0

cpe:2.3:a:research_in_motion_limited:blackberry_unite:1.0
Research In Motion Limited » Blackberry Unite » Version: 1.0.1

cpe:2.3:a:research_in_motion_limited:blackberry_unite:1.0.1
Research In Motion Limited » Blackberry Unite » Version: 1.0.2

cpe:2.3:a:research_in_motion_limited:blackberry_unite:1.0.2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2009-0176

Products

Pricing

Contact Us