RIM's BlackBerry Enterprise Server hit by critical bugs

Batten down your patches

By Matthew Broersma, 1 June 2009 16:09

NEWS

RIM has warned of critical bugs in its BlackBerry Enterprise Server and BlackBerry Professional Software that could be used to shut down a server or execute malicious code.

The bugs are the latest to affect the PDF distiller component of the BlackBerry Attachment Service. The PDF distiller has been hit by three similar bugs in recent months, all of a serious nature, RIM said in an advisory.

RIM did not give details of the flaws but said they could be exploited via a specially crafted PDF file. When the attachment is viewed on a BlackBerry smartphone, it could shut down the server or allow malicious code to be executed on the computer hosting the service, RIM said.

The bug was ranked as "highly critical" in an advisory from independent security firm Secunia.

BlackBerry Enterprise Server versions 4.1.3 to 5.0 are affected, as is BlackBerry Professional Software version 4.1.4, RIM said.

An interim patch available from RIM's website fixes the flaw. The patch includes the fixes for the previous PDF distiller bugs, RIM said.

Post your comment

In order to post a comment you need to be registered and logged in.

Log in or create your silicon.com account below

Will not be displayed with your comment

By signing up for this service, you indicate that you agree to our Terms and Conditions and have read and understood our Privacy Policy.

Questions about membership? Find the answers in the Membership FAQ