Intology – Intelligent Technology News
Computers Technology Internet Arts Business Science Sports

A major security vulnerability in PDF distiller of the BlackBerry Attachment Service has been identified that could allow malicious code execution and compromise the enterprise server running the BlackBerry Attachment Service.

According to the advisory issued by RIM, the vulnerability given a rating of 9 out of 10, could enable a malicious individual to use a specially crafted PDF file attachment in an email message to cause arbitrary code to execute on the computer that the BlackBerry Attachment Service runs on. If a BlackBerry smartphone user on a BlackBerry Enterprise Server opens and views the specially crafted PDF file attachment on the BlackBerry smartphone, the arbitrary code execution could compromise the computer.

Not patch has been released by RIM yet but they are working on it. As a workaround they have proposed to prevent the BlackBerry Attachment Service from processing PDF files in a BlackBerry Enterprise Server environment.

The affected softwares are BlackBerry Enterprise Server software version 4.1 Service Pack 3 (4.1.3) through 4.1 Service Pack 5 (4.1.5).