Vulnerabilities in the PDF distiller of the BlackBerry Attachment Service for BlackBerry Unite

Article ID: KB17119

Type:   Security Advisory

First Published: 01-12-09

Last Modified: 09-02-2010

Affected Software

  • BlackBerry® Unite!™ software versions earlier than 1.0 Service Pack 3 (1.0.3) bundle 28
Issue Severity

These vulnerabilities each have a Common Vulnerability Scoring System (CVSS) score of 9.3.

Overview

This advisory describes security issues that the BlackBerry Attachment Service component of BlackBerry Unite! is susceptible to. The issues relate to the handling of malformed and possibly malicious PDF files.

Recommendation

Complete the resolution actions documented in this advisory.

References

RIM tracked the issues as SDR 278437, SDR 278003, SDR 278012, and SDR 278031.

Problem

Multiple security vulnerabilities exist in the PDF distiller of some released versions of the BlackBerry Attachment Service. These vulnerabilities could enable a malicious individual to send an email message containing a specially crafted PDF file which, when opened for viewing on a BlackBerry smartphone, could cause memory corruption and possibly lead to arbitrary code execution on the computer that hosts the BlackBerry Attachment Service.


Resolution

Upgrade to the latest version of the BlackBerry Unite! software. Visit http://www.blackberry.com/go/blackberryunite to obtain BlackBerry Unite! software.

Workaround

Note: As a mobile device best practice, Research In Motion (RIM) recommends that BlackBerry smartphone users open attachments from trusted sources only.

Prevent the BlackBerry Attachment Service from processing PDF files in a BlackBerry Unite! environment

  1. Open the command prompt.

  2. Type the following command:

    net stop bbattachserver

  3. Type the following command:

    reg.exe ADD "HKLM\Software\Research In Motion\BBAttachEngine\Distillers\LoadPDFDistiller" /v Enabled /t REG_DWORD /d 0

    Important: Undertake registry modifications at your own risk, and only if you are confident in your ability to do so successfully. Serious, unsolvable problems that might require you to reinstall your operating system can occur if you modify the registry incorrectly.

  4. Type the following command:

    net start bbattachserver
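The same workaround can be applied as a script that verifies each step rather than running the three commands blind. This is an added example, not part of the advisory or RIM's own tooling; it assumes the service name `bbattachserver` and the registry key and value from the steps above, that a DWORD `Enabled` of 0 is what disables the PDF distiller, and that it is run from an elevated PowerShell prompt on the host running the BlackBerry Attachment Service.

```powershell
# Added example (not from the advisory): apply the KB17119 workaround with checks.
# Assumptions: service name, registry key and value name are taken from the
# advisory's manual steps; Enabled = 0 (REG_DWORD) disables the PDF distiller.

$ServiceName = 'bbattachserver'
$KeyPath     = 'HKLM:\Software\Research In Motion\BBAttachEngine\Distillers\LoadPDFDistiller'
$ValueName   = 'Enabled'

function Test-PdfDistillerDisabled {
    # True only when the value exists under the key and is exactly 0.
    $item = Get-ItemProperty -Path $KeyPath -Name $ValueName -ErrorAction SilentlyContinue
    return ($null -ne $item -and [int]$item.$ValueName -eq 0)
}

$svc = Get-Service -Name $ServiceName -ErrorAction SilentlyContinue
if ($null -eq $svc) {
    throw "Service '$ServiceName' not found; is this the BlackBerry Attachment Service host?"
}

# Step 2: stop the Attachment Service so the distiller setting is re-read on start.
if ($svc.Status -ne 'Stopped') {
    Stop-Service -Name $ServiceName
    $svc.WaitForStatus('Stopped', [TimeSpan]::FromSeconds(60))
}

# Step 3: equivalent of  reg.exe ADD "<key>" /v Enabled /t REG_DWORD /d 0
# New-ItemProperty -Force overwrites an existing value without prompting.
if (-not (Test-Path -Path $KeyPath)) {
    New-Item -Path $KeyPath -Force | Out-Null
}
New-ItemProperty -Path $KeyPath -Name $ValueName -PropertyType DWord -Value 0 -Force | Out-Null

# Verify before bringing the service back; leave it stopped if the change did not land.
if (-not (Test-PdfDistillerDisabled)) {
    throw "Registry value '$ValueName' under '$KeyPath' is not 0; leaving '$ServiceName' stopped."
}

# Step 4: start the service again and confirm it is running.
Start-Service -Name $ServiceName
$svc.Refresh()
$svc.WaitForStatus('Running', [TimeSpan]::FromSeconds(60))
Write-Output "PDF distiller disabled; service '$ServiceName' is $($svc.Status)."
```

Two details worth knowing when following the manual steps instead: `reg.exe ADD` without `/f` prompts for confirmation if the `Enabled` value already exists, and the setting only takes effect once the Attachment Service has been restarted, which is why the script re-checks the registry value before step 4 and leaves the service stopped if the value is not 0.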

Additional Information

CVSS

CVSS is a vendor-agnostic, industry open standard designed to convey the severity of vulnerabilities. CVSS scores may be used to determine the urgency for update deployment within an organization. CVSS scores range from 0.0 (no vulnerability) to 10.0 (critical). RIM uses CVSS in vulnerability assessments to present an immutable characterization of security issues. RIM assigns all security-relevant issues a non-zero score.

BlackBerry Security

Visit www.blackberry.com/security for more information on BlackBerry security.

Acknowledgements

RIM thanks Sean Larsson of iDefense Labs for reporting these issues to RIM, and working with RIM to protect its customers.

Change Log

09-02-10

Updates to article formatting. No technical content changed.

Disclaimer

By downloading, accessing or otherwise using the Knowledge Base documents you agree:

   (a) that the terms of use for the documents found at www.blackberry.com/legal/knowledgebase apply to your use or reference to these documents; and

   (b) not to copy, distribute, disclose or reproduce, in full or in part any of the documents without the express written consent of RIM.


Visit the BlackBerry Technical Solution Center at www.blackberry.com/btsc.