Technical Description

A vulnerability has been identified in BlackBerry Enterprise Server, which may be exploited by remote attackers to execute arbitrary code. This flaw is due to a buffer overflow error in the BlackBerry Attachment Service component that does not properly handle malformed Word (.doc) documents, which could be exploited by an unauthenticated remote attacker to compromise a vulnerable server by convincing a user to open a malicious attachment on a BlackBerry Handheld.

Affected Products

BlackBerry Enterprise Server version 2.2 and later for Lotus Domino
BlackBerry Enterprise Server version 3.6 and later for MS Exchange
BlackBerry Enterprise Server version 4.0 and later for Novell GroupWise

Solution

BlackBerry Enterprise Server 3.6 (for MS Exchange) - Install Service Pack 7.
BlackBerry Enterprise Server 4.0( for MS Exchange) - Install Service Pack 3, then install version 4.0 Service Pack 3 Hotfix 3.
BlackBerry Enterprise Server 2.2 (for Lotus Domino) - A fix will be available soon.
BlackBerry Enterprise Server 4.0 (for Lotus Domino) - Install Service Pack 3, then install version 4.0 Service Pack 3 Hotfix 4.
BlackBerry Enterprise Server 4.0 (for Novell GroupWise) - Install Service Pack 3, then install version 4.0 Service Pack 3 Hotfix 1.

References

http://www.vupen.com/english/advisories/2006/0530
http://www.frsirt.com/english/reference/5737

Credits

Vulnerability reported by the vendor

ChangeLog

2006-02-12 : Initial release

Vulnerability Management

Subscribe to VUPEN VNS and receive real-time e-mail and SMS alerts when new advisories or patches relevant to your systems and network configurations are available.

Feedback

If you have additional information or corrections for this security advisory please submit them via our contact form.