BlackBerry Security Advisory

2009-05-26

Research in Motion has released a security advisory to address vulnerabilities in the PDF distiller of the BlackBerry Attachment Service for the BlackBerry Enterprise Server. The advisory states, "Multiple security vulnerabilities exist in the PDF distiller of some released versions of the BlackBerry Attachment Service. These vulnerabilities could enable a malicious individual to send an email message containing a specially crafted PDF file, which when opened for viewing on a BlackBerry smartphone, could cause memory corruption and possibly lead to arbitrary code execution on the computer that hosts the BlackBerry Attachment Service."

Affected Versions:

BlackBerry Enterprise Server version 5.0

BlackBerry Enterprise Server version 4.1.x

BlackBerry Professional Software

Research in Motion has issued an interim security software update that resolves these vulnerabilities and recommends that as a best practice, BlackBerry smartphone users open attachments from trusted sources only.

Security Advisory KB18327