Vulnerability Details CVE-2010-2604
Multiple buffer overflows in the PDF Distiller in the BlackBerry Attachment Service component in Research In Motion (RIM) BlackBerry Enterprise Server 4.1.3 through 5.0.2, and Enterprise Server Express 5.0.1 and 5.0.2, allow remote attackers to execute arbitrary code via a crafted PDF file.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.077
EPSS Ranking 91.4%
CVSS Severity
CVSS v2 Score 9.3
References
- http://osvdb.org/70393
- http://secunia.com/advisories/42882
- http://www.blackberry.com/btsc/KB25382
- http://www.securityfocus.com/bid/45753
- http://www.securitytracker.com/id?1024953
- http://www.vupen.com/english/advisories/2011/0081
- https://exchange.xforce.ibmcloud.com/vulnerabilities/64621
- http://osvdb.org/70393
- http://secunia.com/advisories/42882
- http://www.blackberry.com/btsc/KB25382
- http://www.securityfocus.com/bid/45753
- http://www.securitytracker.com/id?1024953
- http://www.vupen.com/english/advisories/2011/0081
- https://exchange.xforce.ibmcloud.com/vulnerabilities/64621
Products affected by CVE-2010-2604
-
cpe:2.3:a:rim:blackberry_enterprise_server:4.1.3
-
cpe:2.3:a:rim:blackberry_enterprise_server:4.1.4
-
cpe:2.3:a:rim:blackberry_enterprise_server:4.1.5
-
cpe:2.3:a:rim:blackberry_enterprise_server:4.1.6
-
cpe:2.3:a:rim:blackberry_enterprise_server:4.1.7
-
cpe:2.3:a:rim:blackberry_enterprise_server:5.0.0
-
cpe:2.3:a:rim:blackberry_enterprise_server:5.0.1
-
cpe:2.3:a:rim:blackberry_enterprise_server:5.0.2
-
cpe:2.3:a:rim:blackberry_enterprise_server_express:5.0.1
-
cpe:2.3:a:rim:blackberry_enterprise_server_express:5.0.2