• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Blackberry Enterprise Server Attachment Service PNG Attachment Denial Of Service Vulnerability

Research In Motion Blackberry Enterprise Server is prone to denial of service attacks. This issue affects the Attachment Service and may be triggered by a malformed PNG attachment.

The issue is caused by a heap-based buffer overflow. This issue allows remote attackers to execute arbitrary machine code in the context of the affected Attachment Service. Failed exploitation attempts will likely cause a denial of service in the affected application.