CVE-2009-0176

{"id": "CVE-2009-0176", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 9.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "MEDIUM", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}]}, "published": "2009-01-20T16:00:09.000", "references": [{"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=764", "source": "cve@mitre.org"}, {"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=765", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/33534", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.blackberry.com/btsc/search.do?cmd=displayKC&docType=kc&externalId=KB17118", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.blackberry.com/btsc/search.do?cmd=displayKC&docType=kc&externalId=KB17119", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/33224", "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-119"}]}], "descriptions": [{"lang": "en", "value": "Multiple heap-based buffer overflows in the PDF distiller in the Attachment Service in Research in Motion (RIM) BlackBerry Enterprise Server (BES) 4.1.3 through 4.1.6, BlackBerry Professional Software 4.1.4, and BlackBerry Unite! before 1.0.3 bundle 28 allow user-assisted remote attackers to execute arbitrary code via (1) a crafted stream in a .pdf file, related to \"symWidths\"; or (2) a crafted data stream in a .pdf file, related to \"bitmaps.\""}, {"lang": "es", "value": "M\u00faltiples desbordamientos de b\u00fafer basados en mont\u00edculo en PDF distiller en el Servicio de Adjuntar en Research in Motion (RIM) Blackberry Enterprise Server (BES) v4.1.3 hasta 4.1.6, Blackberry Professional Software v4.1.4, y blackberry Unite! anteriores a v1.0.3 bundle 28, permite a atacantes remotos asistidos por usuarios, ejecutar c\u00f3digo de su elecci\u00f3n a a trav\u00e9s (1)cadena man\u00edpulada en un fichero .PDF, relativo a \"symWidths\"; o (2) a cadenas de datos manipulada en un fichero .PDF, relativo a \"bitmaps\"."}], "lastModified": "2009-05-18T04:00:00.000", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:research_in_motion_limited:blackberry_enterprise_server:4.1.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4DDE9EAC-D9FF-47C2-A830-0316F74D822E"}, {"criteria": "cpe:2.3:a:research_in_motion_limited:blackberry_enterprise_server:4.1.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F3B71789-C43D-4D75-9C49-71D9347EF321"}, {"criteria": "cpe:2.3:a:research_in_motion_limited:blackberry_enterprise_server:4.1.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "59C67945-B4C6-4159-8FF0-05227D46E282"}, {"criteria": "cpe:2.3:a:research_in_motion_limited:blackberry_enterprise_server:4.1.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D2FE657D-6988-4A19-B0EC-8D9413AB7A5E"}, {"criteria": "cpe:2.3:a:research_in_motion_limited:blackberry_professional_software:4.1.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4E3AB6DC-0733-4683-B495-2FF85923ACB8"}, {"criteria": "cpe:2.3:a:research_in_motion_limited:blackberry_unite:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9DC011EA-0F76-4554-B19D-3B93F7C1D774", "versionEndIncluding": "1.0.3"}, {"criteria": "cpe:2.3:a:research_in_motion_limited:blackberry_unite:1.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3D4FFD7E-241B-458A-AB88-C4C06E47C017"}, {"criteria": "cpe:2.3:a:research_in_motion_limited:blackberry_unite:1.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3C6120B4-CEE1-412B-9EE3-9F2B0BE690A1"}, {"criteria": "cpe:2.3:a:research_in_motion_limited:blackberry_unite:1.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5A748FD0-2FED-4C8F-9693-ED16095E917A"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}