Untrusted search path vulnerability in BlackBerry Desktop Software before 6.0.0.47 allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse DLL that is located in the same folder as a file that is processed by Blackberry.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Blackberry_desktop_software | Rim | * | 6.0 (including) |
| Blackberry_desktop_software | Rim | 3.0 (including) | 3.0 (including) |
| Blackberry_desktop_software | Rim | 4.0 (including) | 4.0 (including) |
| Blackberry_desktop_software | Rim | 4.5 (including) | 4.5 (including) |
| Blackberry_desktop_software | Rim | 4.6 (including) | 4.6 (including) |
| Blackberry_desktop_software | Rim | 4.7 (including) | 4.7 (including) |
| Blackberry_desktop_software | Rim | 5.0 (including) | 5.0 (including) |
| Blackberry_desktop_software | Rim | 5.0.1 (including) | 5.0.1 (including) |
References
- http://secunia.com/advisories/41346
- http://secunia.com/advisories/41398
- http://www.blackberry.com/btsc/KB24242
- http://www.securityfocus.com/bid/43139
- http://www.securitytracker.com/id?1024425
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6843
- http://secunia.com/advisories/41346
- http://secunia.com/advisories/41398
- http://www.blackberry.com/btsc/KB24242
- http://www.securityfocus.com/bid/43139
- http://www.securitytracker.com/id?1024425
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6843