Critical vulnerability in BlackBerry Enterprise Server

July 16, 2008 – 6:32 AM

Crafted Portable Document Format files can allow an attacker to gain control of a BlackBerry server. According to a security advisory from BlackBerry vendor RIM, the bug is in the PDF Distiller component of the Attachment Service, which runs on the server and prepares PDF email attachments for display on a BlackBerry handheld. The bug is only triggered when a user opens the PDF on his or her BlackBerry handheld.

RIM does not give any further information on the nature of the bug, but it can be used to inject and execute code on the server. BlackBerry Enterprise Server 4.1 Service Pack 3 (4.1.3) to 4.1 Service Pack 5 (4.1.5) and BlackBerry Unite! prior to 1.0 Service Pack 1 (1.0.1) Bundle 36 are affected. Whilst the problem has been fixed in BlackBerry Unite! from Bundle 36 onwards, according to the vendor no patch or update is as yet available for Enterprise Server.

As a workaround, RIM recommends disabling PDF processing in the Attachment Service. Precise instructions are given in the security advisory linked below. As RIM gives the security vulnerability a Common Vulnerability Scoring System (CVSS) score of 9.0 out of a maximum of 10, administrators are advised to take rapid action.


You must be logged in to post a comment.