CVE-2009-2643 | Vulnerability Database | Aqua Security

Multiple unspecified vulnerabilities in the PDF distiller in the Attachment Service component in Research In Motion (RIM) BlackBerry Enterprise Server (BES) software 4.1.3 through 5.0 and BlackBerry Professional Software 4.1.4 allow user-assisted remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted .pdf file attachment, a different vulnerability than CVE-2008-3246 and CVE-2009-0219.

Affected Software

Name	Vendor	Start Version	End Version
Blackberry_enterprise_server	Rim	4.1.3 (including)	4.1.3 (including)
Blackberry_enterprise_server	Rim	4.1.4 (including)	4.1.4 (including)
Blackberry_enterprise_server	Rim	4.1.5 (including)	4.1.5 (including)
Blackberry_enterprise_server	Rim	4.1.6 (including)	4.1.6 (including)
Blackberry_enterprise_server	Rim	4.1.6-mr4 (including)	4.1.6-mr4 (including)
Blackberry_enterprise_server	Rim	5.0 (including)	5.0 (including)
Blackberry_professional_software	Rim	4.1.4 (including)	4.1.4 (including)

References

http://secunia.com/advisories/35254
http://www.blackberry.com/btsc/KB18327
http://www.osvdb.org/54767
http://www.securityfocus.com/bid/35102
http://www.securitytracker.com/id?1022295
http://www.vupen.com/english/advisories/2009/1429
https://exchange.xforce.ibmcloud.com/vulnerabilities/50755
http://secunia.com/advisories/35254
http://www.blackberry.com/btsc/KB18327
http://www.osvdb.org/54767
http://www.securityfocus.com/bid/35102
http://www.securitytracker.com/id?1022295
http://www.vupen.com/english/advisories/2009/1429
https://exchange.xforce.ibmcloud.com/vulnerabilities/50755

NVD	https://nvd.nist.gov/vuln/detail/CVE-2009-2643
CWE	https://cwe.mitre.org/data/definitions/.html