VYPR
Unrated severityNVD Advisory· Published Oct 14, 2010· Updated Jun 16, 2026

CVE-2010-2601

CVE-2010-2601

Description

Multiple buffer overflows in the PDF distiller in the Attachment Service component in Research In Motion (RIM) BlackBerry Enterprise Server (BES) software 4.1.7 and earlier and 5.0.0 through 5.0.2, and BlackBerry Professional Software 4.1.4 and earlier, allow user-assisted remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted PDF document.

Affected products

19
  • cpe:2.3:a:rim:blackberry_enterprise_server:*:*:*:*:*:*:*:*+ 15 more
    • cpe:2.3:a:rim:blackberry_enterprise_server:*:*:*:*:*:*:*:*range: <=4.1.7
    • cpe:2.3:a:rim:blackberry_enterprise_server:2.2:*:*:*:*:*:*:*
    • cpe:2.3:a:rim:blackberry_enterprise_server:3.6:*:*:*:*:*:*:*
    • cpe:2.3:a:rim:blackberry_enterprise_server:3.6.1:*:*:*:*:*:*:*
    • cpe:2.3:a:rim:blackberry_enterprise_server:4.0:*:*:*:*:*:*:*
    • cpe:2.3:a:rim:blackberry_enterprise_server:4.0.3:*:*:*:*:*:*:*
    • cpe:2.3:a:rim:blackberry_enterprise_server:4.0:sp3:*:*:*:*:*:*
    • cpe:2.3:a:rim:blackberry_enterprise_server:4.1:*:*:*:*:*:*:*
    • cpe:2.3:a:rim:blackberry_enterprise_server:4.1.3:*:*:*:*:*:*:*
    • cpe:2.3:a:rim:blackberry_enterprise_server:4.1.4:*:*:*:*:*:*:*
    • cpe:2.3:a:rim:blackberry_enterprise_server:4.1.5:*:*:*:*:*:*:*
    • cpe:2.3:a:rim:blackberry_enterprise_server:4.1.6:*:*:*:*:*:*:*
    • cpe:2.3:a:rim:blackberry_enterprise_server:4.1.6:mr4:*:*:*:*:*:*
    • cpe:2.3:a:rim:blackberry_enterprise_server:5.0.0:*:*:*:*:*:*:*
    • cpe:2.3:a:rim:blackberry_enterprise_server:5.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:rim:blackberry_enterprise_server:5.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:rim:blackberry_professional_software:*:*:*:*:*:*:*:*
    Range: <=4.1.4
  • Range: <=4.1.7, 5.0.0 - 5.0.2

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.