CVE-2010-2602

high

Description

Multiple buffer overflows in the PDF distiller component in the BlackBerry Attachment Service in BlackBerry Enterprise Server 5.0.0 through 5.0.2, 4.1.6, and 4.1.7 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PDF document.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/64066

http://www.vupen.com/english/advisories/2010/3237

http://www.securitytracker.com/id?1024891

http://www.securityfocus.com/bid/45392

http://www.blackberry.com/btsc/search.do?cmd=displayKC&docType=kc&externalId=KB24761

http://secunia.com/advisories/35632

Details

Source: Mitre, NVD

Published: 2010-12-17

Updated: 2017-08-17

Risk Information

CVSS v2

Base Score: 6.8

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P

Severity: Medium

CVSS v3

Base Score: 7.8

Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Severity: High