BlackBerry Enterprise Server TIFF Image Processing Vulnerabilities (KB33425)

High Nessus Plugin ID 65643

New! Vulnerability Priority Rating (VPR)

Tenable calculates a dynamic VPR for every vulnerability. VPR combines vulnerability information with threat intelligence and machine learning algorithms to predict which vulnerabilities are most likely to be exploited in attacks. Read more about what VPR is and how it's different from CVSS.

VPR Score: 5.9

Synopsis

The remote Windows host has an application that is affected by multiple vulnerabilities.

Description

The version of BlackBerry Enterprise Server on the remote host reportedly contains multiple remote code execution vulnerabilities in its image processing library :

- The 'TIFFReadDirectory()' function in 'tif_dirread.c' is affected by a buffer overflow vulnerability that can be triggered via a specially crafted TIFF image, potentially leading to arbitrary code execution.
(CVE-2012-2088)

- A flaw in handling PixarLog compressed TIFF images may be triggered via a specially crafted TIFF image, potentially leading to arbitrary code execution.
(CVE-2012-4447)

Solution

Install the Interim Security Software Update for February 12th 2013, or upgrade to at least 5.0.4 MR1 for Novell GroupWise / 5.0.4 MR1 for IBM Lotus Domino / 5.0.4 MR1 for Microsoft Exchange.

See Also

https://salesforce.services.blackberry.com/kbredirect/KB33425

http://www.nessus.org/u?5c3b6747

Plugin Details

Severity: High

ID: 65643

File Name: blackberry_es_tiff_kb33425.nasl

Version: 1.7

Type: local

Agent: windows

Family: Windows

Published: 2013/03/21

Updated: 2019/11/27

Dependencies: 20949, 55818

Risk Information

Risk Factor: High

VPR Score: 5.9

CVSS Score Source: CVE-2012-2088

CVSS v2.0

Base Score: 7.5

Temporal Score: 5.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/a:rim:blackberry_enterprise_server

Required KB Items: SMB/Registry/Enumerated

Exploit Available: false

Exploit Ease: No known exploits are available

Patch Publication Date: 2013/02/12

Vulnerability Publication Date: 2013/02/12

Reference Information

CVE: CVE-2012-2088, CVE-2012-4447

BID: 54270, 55673

IAVA: 2013-A-0048