RIM BlackBerry Enterprise Server vulnerabilities
18 known vulnerabilities affecting rim/blackberry_enterprise_server.
Total CVEs: 18
CISA KEV: 0
Public exploits: 1
Exploited in wild: 0
Severity breakdown: CRITICAL 6, HIGH 4, MEDIUM 8
Vulnerabilities
CVE-2010-2604 | P3 | CRITICAL | CVSS 9.3 | CWE-119 | v4.1.3, v4.1.4, +6 more | 2011-01-13
Multiple buffer overflows in the PDF Distiller in the BlackBerry Attachment Service component in Research In Motion (RIM) BlackBerry Enterprise Server 4.1.3 through 5.0.2, and Enterprise Server Express 5.0.1 and 5.0.2, allow remote attackers to execute arbitrary code via a crafted PDF file.
nvd
CVE-2008-3246 | P3 | CRITICAL | CVSS 9.3 | CWE-94 | v4.1.3, v4.1.4, +1 more | 2008-07-21
Unspecified vulnerability in the PDF distiller component in the BlackBerry Attachment Service in BlackBerry Unite! 1.0 SP1 (1.0.1) before bundle 36 and BlackBerry Enterprise Server 4.1 SP3 (4.1.3) through 4.1 SP5 (4.1.5) allows user-assisted remote attackers to execute arbitrary code via a crafted PDF file attachment.
nvd
CVE-2009-0307 | P4 | MEDIUM | CVSS 4.3 | CWE-79 | PoC | ≤ 4.1.6, v4.0, +6 more | 2009-04-22
Cross-site scripting (XSS) vulnerability in the "Customize Statistics Page" (admin/statistics/ConfigureStatistics) in the MDS Connection Service in Research in Motion (RIM) BlackBerry Enterprise Server (BES) before 4.1.6 MR5 allows remote attackers to inject arbitrary web script or HTML via the (1) customDate, (2) interval, (3) lastCustomInterval, (4)
nvd
CVE-2007-3483 | P3 | CRITICAL | CVSS 10.0 | v4.0, v4.1 | 2007-06-28
Research in Motion BlackBerry Enterprise Server 4.0 through 4.1 has a default configuration that permits installation of arbitrary third-party applications on BlackBerry devices, which might facilitate loading of malware.
nvd
CVE-2009-2643 | P3 | CRITICAL | CVSS 9.3 | v4.1.3, v4.1.4, +3 more | 2009-07-28
Multiple unspecified vulnerabilities in the PDF distiller in the Attachment Service component in Research In Motion (RIM) BlackBerry Enterprise Server (BES) software 4.1.3 through 5.0 and BlackBerry Professional Software 4.1.4 allow user-assisted remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a craft
nvd
CVE-2009-4778 | P3 | CRITICAL | CVSS 9.3 | v4.1.3, v4.1.4, +4 more | 2010-04-21
Multiple unspecified vulnerabilities in the PDF distiller in the Attachment Service component in Research In Motion (RIM) BlackBerry Enterprise Server (BES) software 4.1.3 through 4.1.7 and 5.0.0, and BlackBerry Professional Software 4.1.4, allow user-assisted remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary co
nvd
CVE-2010-2601 | P3 | HIGH | CVSS 7.6 | CWE-119 | ≤ 4.1.7, v2.2, +12 more | 2010-10-14
Multiple buffer overflows in the PDF distiller in the Attachment Service component in Research In Motion (RIM) BlackBerry Enterprise Server (BES) software 4.1.7 and earlier and 5.0.0 through 5.0.2, and BlackBerry Professional Software 4.1.4 and earlier, allow user-assisted remote attackers to cause a denial of service or possibly execute arbitrary code
nvd
CVE-2009-2646 | P3 | CRITICAL | CVSS 9.3 | v4.1, v4.1.3, +3 more | 2009-07-30
Multiple unspecified vulnerabilities in the PDF distiller in the Attachment Service component in Research In Motion (RIM) BlackBerry Enterprise Server (BES) software 4.1.3 through 4.1.6 and BlackBerry Professional Software 4.1.4 allow user-assisted remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a cra
nvd
CVE-2005-4848 | P4 | HIGH | CVSS 7.5 | CWE-119 | ≤ 4.0_sp1 | 2005-12-31
Buffer overflow in the decompression algorithm in Research in Motion BlackBerry Enterprise Server 4.0 SP1 and earlier before 20050607 might allow remote attackers to execute arbitrary code via certain data packets.
nvd
CVE-2010-2602 | P4 | MEDIUM | CVSS 6.8 | CWE-119 | v4.1.6, v4.1.7, +3 more | 2010-12-17
Multiple buffer overflows in the PDF distiller component in the BlackBerry Attachment Service in BlackBerry Enterprise Server 5.0.0 through 5.0.2, 4.1.6, and 4.1.7 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PDF document.
nvd
CVE-2005-2342 | P4 | HIGH | CVSS 7.8 | v4.0, v4.0_sp1 | 2005-12-31
Research in Motion (RIM) BlackBerry Router allows remote attackers to cause a denial of service (communication disruption) via crafted Server Routing Protocol (SRP) packets.
nvd
CVE-2011-0287 | P4 | MEDIUM | CVSS 6.4 | v5.0.1, v5.0.2, +1 more | 2011-07-14
Unspecified vulnerability in the BlackBerry Administration API in Research In Motion (RIM) BlackBerry Enterprise Server (BES) software 5.0.1 through 5.0.3, and BlackBerry Enterprise Server Express software 5.0.1 through 5.0.3, allows remote attackers to read text files or cause a denial of service via unknown vectors.
nvd
CVE-2005-2341 | P4 | HIGH | CVSS 7.5 | CWE-119 | ≤ 4.0 | 2005-12-31
Heap-based buffer overflow in Research in Motion (RIM) BlackBerry Attachment Service allows remote attackers to cause a denial of service (hang) via an e-mail attachment with a crafted TIFF file.
nvd
CVE-2011-0290 | P4 | MEDIUM | CVSS 6.5 | CWE-264 | v5.0.3 | 2011-10-21
The BlackBerry Collaboration Service in Research In Motion (RIM) BlackBerry Enterprise Server (BES) 5.0.3 through MR4 for Microsoft Exchange and Lotus Domino allows remote authenticated users to log into arbitrary user accounts associated with the same organization, and send messages, read messages, read contact lists, or cause a denial of service (log
nvd
CVE-2006-0761 | P4 | MEDIUM | CVSS 5.1 | v2.2, v2.2_sp2, +12 more | 2006-02-18
Buffer overflow in BlackBerry Attachment Service in Research in Motion (RIM) BlackBerry Enterprise Server 2.2 and 4.0 before SP3 Hotfix 4 for IBM Lotus Domino, 3.6 before SP7 and 5.0 before SP3 Hotfix 3 for Microsoft Exchange, and 4.0 for Novell GroupWise before SP3 Hotfix 1 might allow user-assisted remote attackers to execute arbitrary code on the server v
nvd
CVE-2005-2344 | P4 | MEDIUM | CVSS 5.0 | CWE-119 | v4.0, v4.0_sp1, +1 more | 2005-12-31
The BlackBerry Attachment Service in Research in Motion (RIM) BlackBerry Enterprise Server (BES) 4.0 to version 4.0 Service Pack 2 allows attackers to cause a denial of service via a malformed Portable Network Graphics (PNG) file that triggers a heap-based buffer overflow.
nvd
CVE-2011-0286 | P4 | MEDIUM | CVSS 4.3 | CWE-79 | v5.0.0, v5.0.1, +2 more | 2011-04-18
Cross-site scripting (XSS) vulnerability in webdesktop/app in the BlackBerry Web Desktop Manager component in Research In Motion (RIM) BlackBerry Enterprise Server (BES) software before 5.0.2 MR5 and 5.0.3 before MR1, and BlackBerry Enterprise Server Express software 5.0.1 and 5.0.2, allows remote attackers to inject arbitrary web script or HTML via th
nvd
CVE-2006-5489 | P4 | MEDIUM | CVSS 5.0 | ≤ 4.1_sp2 | 2006-10-25
Research in Motion (RIM) BlackBerry Enterprise Server 4.1 SP2 before Hotfix 1 for IBM Lotus Domino might allow attackers with meeting organizer privileges to cause a denial of service (application hang) via a deleted recurrent meeting instance when changing the attendee's calendar meeting time.
nvd