CVE-2010-2604
Summary
| CVE | CVE-2010-2604 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2011-01-13 01:00:00 UTC |
| Updated | 2017-08-17 01:32:00 UTC |
| Description | Multiple buffer overflows in the PDF Distiller in the BlackBerry Attachment Service component in Research In Motion (RIM) BlackBerry Enterprise Server 4.1.3 through 5.0.2, and Enterprise Server Express 5.0.1 and 5.0.2, allow remote attackers to execute arbitrary code via a crafted PDF file. |
Risk And Classification
Problem Types: CWE-119
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Rim | Blackberry Enterprise Server | 4.1.3 | All | All | All |
| Application | Rim | Blackberry Enterprise Server | 4.1.4 | All | All | All |
| Application | Rim | Blackberry Enterprise Server | 4.1.5 | All | All | All |
| Application | Rim | Blackberry Enterprise Server | 4.1.6 | All | All | All |
| Application | Rim | Blackberry Enterprise Server | 4.1.6 | mr4 | All | All |
| Application | Rim | Blackberry Enterprise Server | 4.1.7 | All | All | All |
| Application | Rim | Blackberry Enterprise Server | 5.0.0 | All | All | All |
| Application | Rim | Blackberry Enterprise Server | 5.0.1 | All | All | All |
| Application | Rim | Blackberry Enterprise Server | 5.0.2 | All | All | All |
| Application | Rim | Blackberry Enterprise Server | 4.1.3 | All | All | All |
| Application | Rim | Blackberry Enterprise Server | 4.1.4 | All | All | All |
| Application | Rim | Blackberry Enterprise Server | 4.1.5 | All | All | All |
| Application | Rim | Blackberry Enterprise Server | 4.1.6 | All | All | All |
| Application | Rim | Blackberry Enterprise Server | 4.1.6 | mr4 | All | All |
| Application | Rim | Blackberry Enterprise Server | 4.1.7 | All | All | All |
| Application | Rim | Blackberry Enterprise Server | 5.0.0 | All | All | All |
| Application | Rim | Blackberry Enterprise Server | 5.0.1 | All | All | All |
| Application | Rim | Blackberry Enterprise Server | 5.0.2 | All | All | All |
| Application | Rim | Blackberry Enterprise Server Express | 5.0.1 | All | All | All |
| Application | Rim | Blackberry Enterprise Server Express | 5.0.2 | All | All | All |
| Application | Rim | Blackberry Enterprise Server Express | 5.0.1 | All | All | All |
| Application | Rim | Blackberry Enterprise Server Express | 5.0.2 | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| BlackBerry Attachment Service PDF Distiller (CVE-2010-2604) Remote Buffer Overflow Vulnerability | BID | www.securityfocus.com | |
| IBM X-Force Exchange | XF | exchange.xforce.ibmcloud.com | |
| BlackBerry Enterprise Server Buffer Overflow in Attachment Service PDF Distiller Lets Remote Users Execute Arbitrary Code - SecurityTracker | SECTRACK | www.securitytracker.com | |
| 70393 | OSVDB | osvdb.org | |
| KB25382-Vulnerability in the PDF distiller of the BlackBerry Attachment Service for the BlackBerry Enterprise Server | CONFIRM | www.blackberry.com | Vendor Advisory |
| BlackBerry Enterprise Server PDF Distiller Buffer Overflow Vulnerability - Secunia.com | SECUNIA | secunia.com | Vendor Advisory |
| Webmail : Solution de messagerie professionnelle - OVHcloud- OVH | VUPEN | www.vupen.com | Vendor Advisory |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.