CVE-2006-0761

Name of the Vulnerable Software and Affected Versions BlackBerry Enterprise Server versions 2.2 and 4.0 before SP3 Hotfix 4 for IBM Lotus Domino BlackBerry Enterprise Server versions 3.6 before SP7 for Microsoft Exchange BlackBerry Enterprise Server versions 5.0 before SP3 Hotfix 3 for Microsoft Exchange BlackBerry Enterprise Server versions 4.0 before SP3 Hotfix 1 for Novell GroupWise

Description A buffer overflow issue exists in the BlackBerry Attachment Service. This could allow remote attackers to execute arbitrary code on the server by using a crafted Microsoft Word document that is opened on a wireless device.

Recommendations For BlackBerry Enterprise Server version 2.2, update to a version with SP3 Hotfix 4 or later for IBM Lotus Domino. For BlackBerry Enterprise Server version 4.0, update to a version with SP3 Hotfix 4 or later for IBM Lotus Domino. For BlackBerry Enterprise Server version 3.6, update to a version with SP7 or later for Microsoft Exchange. For BlackBerry Enterprise Server version 5.0, update to a version with SP3 Hotfix 3 or later for Microsoft Exchange. For BlackBerry Enterprise Server version 4.0, update to a version with SP3 Hotfix 1 or later for Novell GroupWise.