| VID |
28135 |
| Severity |
40 |
| Port |
139,445 |
| Protocol |
TCP |
| Class |
SMB |
| Detailed Description |
The BlackBerry Enterprise Server, according to its version number, has a buffer overflow vulnerability via the PNG attachment. The BlackBerry Attachment Service is a component of the Research in Motion (RIM) BlackBerry Enterprise Server. The BlackBerry Attachment Service renders certain types of files sent as email attachments for display on BlackBerry Handhelds and other BlackBerry client devices. RIM BlackBerry Enterprise Server versions 4.0 through to 4.0 Service Pack 2 are vulnerable to a heap-based buffer overflow vulnerability, caused by improper handling of malformed PNG(Portable Network Graphics) images. By supplying a specially-crafted PNG image as an email attachment and convincing a user to view the image on a BlackBerry Handheld, a remote, unauthenticated attacker could execute arbitrary code on the system or cause the BlackBerry Attachment Service to crash.
* Note: This check requires an account with Guest or upper privileges which can access the registry of the remote host to scan. Absence of these condition will result in the check not being performed and a False Negative for all vulnerable hosts.
* References:
http://www.blackberry.com/knowledgecenterpublic/livelink.exe/fetch/2000/8021/728075/728850/728215/?nodeid=1167794
http://www.kb.cert.org/vuls/id/646976
http://www.frsirt.com/english/advisories/2006/0127
* Platforms Affected:
BlackBerry Enterprise Server (BES) versions 4.0 through to 4.0 Service Pack 2
Microsoft Windows Any version |
| Recommendation |
Install the appropriate service pack / hotfix or follow the workarounds, as listed in the BlackBerry Support Knowledge Base Article KB-04756 at http://www.blackberry.com/knowledgecenterpublic/livelink.exe/fetch/2000/8021/728075/728850/728215/?nodeid=1167794 |
| Related URL |
CVE-2005-2344 (CVE) |
| Related URL |
16204 (SecurityFocus) |
| Related URL |
24063 (ISS) |
|
