Vulnerability Description
Multiple buffer overflows in the PDF distiller component in the BlackBerry Attachment Service in BlackBerry Enterprise Server 5.0.0 through 5.0.2, 4.1.6, and 4.1.7 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PDF document.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Rim | Blackberry Enterprise Server | 4.1.6 |
Related Weaknesses (CWE)
References
- http://secunia.com/advisories/35632Vendor Advisory
- http://www.blackberry.com/btsc/search.do?cmd=displayKC&docType=kc&externalId=KB2Vendor Advisory
- http://www.securityfocus.com/bid/45392
- http://www.securitytracker.com/id?1024891
- http://www.vupen.com/english/advisories/2010/3237Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/64066
- http://secunia.com/advisories/35632Vendor Advisory
- http://www.blackberry.com/btsc/search.do?cmd=displayKC&docType=kc&externalId=KB2Vendor Advisory
- http://www.securityfocus.com/bid/45392
- http://www.securitytracker.com/id?1024891
- http://www.vupen.com/english/advisories/2010/3237Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/64066
FAQ
What is CVE-2010-2602?
CVE-2010-2602 is a vulnerability with a CVSS score of 6.8 (MEDIUM). Multiple buffer overflows in the PDF distiller component in the BlackBerry Attachment Service in BlackBerry Enterprise Server 5.0.0 through 5.0.2, 4.1.6, and 4.1.7 allow remote attackers to cause a de...
How severe is CVE-2010-2602?
CVE-2010-2602 has been rated MEDIUM with a CVSS base score of 6.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2010-2602?
Check the references section above for vendor advisories and patch information. Affected products include: Rim Blackberry Enterprise Server.