CVE-2008-3246

high

Description

Unspecified vulnerability in the PDF distiller component in the BlackBerry Attachment Service in BlackBerry Unite! 1.0 SP1 (1.0.1) before bundle 36 and BlackBerry Enterprise Server 4.1 SP3 (4.1.3) through 4.1 SP5 (4.1.5) allows user-assisted remote attackers to execute arbitrary code via a crafted PDF file attachment.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/43843

https://exchange.xforce.ibmcloud.com/vulnerabilities/43840

http://www.vupen.com/english/advisories/2008/2108/references

http://www.securitytracker.com/id?1020505

http://www.kb.cert.org/vuls/id/289235

http://www.blackberry.com/btsc/articles/660/KB15766_f.SAL_Public.html

http://www.blackberry.com/btsc/articles/635/KB15770_f.SAL_Public.html

http://secunia.com/advisories/31141

http://secunia.com/advisories/31092

Details

Source: Mitre, NVD

Published: 2008-07-21

Updated: 2017-08-08

Risk Information

CVSS v2

Base Score: 9.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Severity: High

CVSS v3

Base Score: 7.8

Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Severity: High