• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Blackberry Enterprise Server Attachment Service TIFF Attachment Denial Of Service Vulnerability

Research In Motion Blackberry Enterprise Server is prone to denial of service attacks. This issue affects the Attachment Service and may be triggered by a malformed TIFF attachment.

The issue is reportedly caused by a heap-based buffer overflow. The vendor has stated that this issue will result in a denial of service, and it is therefore not believed that the issue is exploitable beyond a denial of service. However, other sources indicate that this issue may allow arbitrary code execution to occur upon successful exploitation. Specific details regarding code execution are not currently available and have not been confirmed. This record will be updated when more information is available.