Vulnerability Description
Unspecified vulnerability in the PDF distiller component in the BlackBerry Attachment Service in BlackBerry Unite! 1.0 SP1 (1.0.1) before bundle 36 and BlackBerry Enterprise Server 4.1 SP3 (4.1.3) through 4.1 SP5 (4.1.5) allows user-assisted remote attackers to execute arbitrary code via a crafted PDF file attachment.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Blackberry | Enterprise Server | 4.1 |
| Blackberry | Unite | 1.0 |
| Rim | Blackberry Enterprise Server | 4.1.3 |
| Rim | Blackberry Enterprise Server For Domino | All versions |
| Rim | Blackberry Enterprise Server For Exchange | All versions |
| Rim | Blackberry Enterprise Server For Novell Groupwise | All versions |
| Rim | Blackberry Unite | 1.0 |
Related Weaknesses (CWE)
References
- http://secunia.com/advisories/31092Vendor Advisory
- http://secunia.com/advisories/31141
- http://www.blackberry.com/btsc/articles/635/KB15770_f.SAL_Public.html
- http://www.blackberry.com/btsc/articles/660/KB15766_f.SAL_Public.html
- http://www.kb.cert.org/vuls/id/289235US Government Resource
- http://www.securitytracker.com/id?1020505
- http://www.vupen.com/english/advisories/2008/2108/references
- https://exchange.xforce.ibmcloud.com/vulnerabilities/43840
- https://exchange.xforce.ibmcloud.com/vulnerabilities/43843
- http://secunia.com/advisories/31092Vendor Advisory
- http://secunia.com/advisories/31141
- http://www.blackberry.com/btsc/articles/635/KB15770_f.SAL_Public.html
- http://www.blackberry.com/btsc/articles/660/KB15766_f.SAL_Public.html
- http://www.kb.cert.org/vuls/id/289235US Government Resource
- http://www.securitytracker.com/id?1020505
FAQ
What is CVE-2008-3246?
CVE-2008-3246 is a vulnerability with a CVSS score of 9.3 (HIGH). Unspecified vulnerability in the PDF distiller component in the BlackBerry Attachment Service in BlackBerry Unite! 1.0 SP1 (1.0.1) before bundle 36 and BlackBerry Enterprise Server 4.1 SP3 (4.1.3) thr...
How severe is CVE-2008-3246?
CVE-2008-3246 has been rated HIGH with a CVSS base score of 9.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2008-3246?
Check the references section above for vendor advisories and patch information. Affected products include: Blackberry Enterprise Server, Blackberry Unite, Rim Blackberry Enterprise Server, Rim Blackberry Enterprise Server For Domino, Rim Blackberry Enterprise Server For Exchange.