CVE-2009-2643

Name of the Vulnerable Software and Affected Versions BlackBerry Enterprise Server software versions 4.1.3 through 5.0 BlackBerry Professional Software version 4.1.4

Description The issue is related to multiple unspecified vulnerabilities in the PDF distiller of the Attachment Service component. These vulnerabilities can be exploited by user-assisted remote attackers using a crafted .pdf file attachment, potentially leading to a denial of service due to memory corruption or possibly allowing the execution of arbitrary code.

Recommendations For BlackBerry Enterprise Server software versions 4.1.3 through 5.0, update to a version outside of this range to resolve the issue. For BlackBerry Professional Software version 4.1.4, update to a version later than 4.1.4 to mitigate the risk. At the moment, there is no information about a newer version that contains a fix for this vulnerability.