BlackBerry Enterprise Server PNG Attachment Buffer Overflow

This script is Copyright (C) 2006-2013 Tenable Network Security, Inc.

Synopsis :

The remote Windows application is affected by a buffer overflow

Description :

The version of BlackBerry Enterprise Server installed on the remote
host reportedly is affected by a heap-based buffer overflow that can
be triggered by a malformed PNG attachment. Exploitation of this
issue may cause the Attachment Service to stop responding or crash and
may even allow for the execute of arbitrary code subject to the
privileges under which the application runs, generally

See also :

Solution :

Install the appropriate service pack / hotfix as described in the
vendor advisory referenced above.

Risk factor :

Medium / CVSS Base Score : 5.0
CVSS Temporal Score : 4.0
Public Exploit Available : false

Family: Gain a shell remotely

Nessus Plugin ID: 20982 (blackberry_es_png_attachment_overflow.nasl)

Bugtraq ID: 16204

CVE ID: CVE-2005-2344

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now