CVE-2010-2602
BlackBerry Enterprise Server 4.1.6-4.1.7 and 5.0.0-5.0.2 - Buffer Overflow in PDF Distiller
Title source: llmDescription
Multiple buffer overflows in the PDF distiller component in the BlackBerry Attachment Service in BlackBerry Enterprise Server 5.0.0 through 5.0.2, 4.1.6, and 4.1.7 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PDF document.
References (6)
Core 6
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/45392
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/64066
Vendor Advisory x_refsource_confirm
http://www.blackberry.com/btsc/search.do?cmd=displayKC&docType=kc&externalId=KB24761
Vendor Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2010/3237
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id?1024891
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/35632
Scores
EPSS
0.0292
EPSS Percentile
85.4%
Details
CWE
CWE-119
Status
published
Products (5)
rim/blackberry_enterprise_server
4.1.6
rim/blackberry_enterprise_server
4.1.7
rim/blackberry_enterprise_server
5.0.0
rim/blackberry_enterprise_server
5.0.1
rim/blackberry_enterprise_server
5.0.2
Published
Dec 17, 2010
Tracked Since
Feb 18, 2026