CVE-2010-2601

Name of the Vulnerable Software and Affected Versions BlackBerry Enterprise Server versions 4.1.7 and earlier BlackBerry Enterprise Server versions 5.0.0 through 5.0.2 BlackBerry Professional Software versions 4.1.4 and earlier

Description The issue is related to multiple buffer overflows in the PDF distiller of the Attachment Service component. This can be exploited by user-assisted remote attackers using a crafted PDF document, potentially leading to a denial of service or the execution of arbitrary code.

Recommendations For BlackBerry Enterprise Server versions 4.1.7 and earlier, update to a version later than 4.1.7. For BlackBerry Enterprise Server versions 5.0.0 through 5.0.2, update to a version later than 5.0.2. For BlackBerry Professional Software versions 4.1.4 and earlier, update to a version later than 4.1.4.