CVE-2008-3246

Unspecified vulnerability in the PDF distiller component in the BlackBerry Attachment Service in BlackBerry Unite! 1.0 SP1 (1.0.1) before bundle 36 and BlackBerry Enterprise Server 4.1 SP3 (4.1.3) through 4.1 SP5 (4.1.5) allows user-assisted remote attackers to execute arbitrary code via a crafted PDF file attachment.

Published: Jul 21, 2008
Updated: Apr 13, 2023
CVE: CVE-2008-3246
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C

CWEs:

CWE-94

Affected Software
References

Software	From	Fixed in
blackberry / unite	1.0-sp1	1.0-sp1.x
blackberry / enterprise_server	4.1.4	4.1.4.x
rim / blackberry_enterprise_server_for_exchange	-	-
rim / blackberry_enterprise_server	4.1.5	4.1.5.x
blackberry / enterprise_server	4.1.5	4.1.5.x
blackberry / unite	1.0.1	1.0.1.x
blackberry / enterprise_server	4.1-sp3	4.1-sp3.x
rim / blackberry_unite	1.0.1	1.0.1.x
rim / blackberry_enterprise_server	4.1.4	4.1.4.x
rim / blackberry_enterprise_server_for_domino	-	-
rim / blackberry_enterprise_server	4.1.3	4.1.3.x
rim / blackberry_enterprise_server_for_novell_groupwise	-	-
rim / blackberry_unite	1.0-sp1	1.0-sp1.x
blackberry / enterprise_server	4.1.3	4.1.3.x

Vulnerability Database

289,697

CVE-2008-3246