PT-2009-2971 · Blackberry+1 · Blackberry Application Web Loader+1

Andre Protas

Publicado

2009-02-10

Atualizado

2009-02-17

CVE-2009-0305

CVSS v2.0

9.3

Alta

Vetor

AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions BlackBerry Application Web Loader version 1.0

Description The issue is related to multiple stack-based buffer overflows in the Research in Motion RIM AxLoader ActiveX control. This can be exploited by remote attackers to execute arbitrary code, potentially through the use of the load or loadJad method.

Recommendations For BlackBerry Application Web Loader version 1.0, as a temporary workaround, consider disabling the load and loadJad methods until a patch is available. Restrict access to the AxLoader ActiveX control to minimize the risk of exploitation.

Correção

Buffer Overflow

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-119

Identificadores relacionados

CVE-2009-0305

Produtos afetados

Blackberry Application Web Loader

Rim Axloader Activex Control

PT-2009-2971 · Blackberry+1 · Blackberry Application Web Loader+1

CVE-2009-0305

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 7