Vulnerabilities in the PDF distiller of the BlackBerry Attachment Service for BlackBerry Unite

Article ID: KB17119

Type:   Security Advisory

First Published: 01-12-09

Last Modified: 09-02-2010

Affected Software

  • BlackBerry® Unite!™ software versions earlier than 1.0 Service Pack 3 (1.0.3) bundle 28
Issue Severity

These vulnerabilities each have a Common Vulnerability Scoring System (CVSS) score of 9.3.


This advisory describes security issues that the BlackBerry Attachment Service component of BlackBerry Unite! is susceptible to. The issues relate to the handling of malformed and possibly malicious PDF files.


Complete the resolution actions documented in this advisory.


RIM tracked the issues as SDR 278437, SDR 278003, SDR 278012, and SDR 278031.


Multiple security vulnerabilities exist in the PDF distiller of some released versions of the BlackBerry Attachment Service. These vulnerabilities could enable a malicious individual to send an email message containing a specially crafted PDF file which, when opened for viewing on a BlackBerry smartphone, could cause memory corruption and possibly lead to arbitrary code execution on the computer that hosts the BlackBerry Attachment Service.



Upgrade to the latest version of the BlackBerry Unite! software. Visit to obtain BlackBerry Unite! software.


Note: As a mobile device best practice, Research In Motion (RIM) recommends that BlackBerry smartphone users open attachments from trusted sources only.

Prevent the BlackBerry Attachment Service from processing PDF files in a BlackBerry Unite! environment

  1. Open the command prompt.

  2. Type the following command:

    net stop bbattachserver

  3. Type the following command:

    reg.exe ADD "HKLM\Software\Research In Motion\BBAttachEngine\Distillers\LoadPDFDistiller" /v Enabled /t REG_DWORD /d 0

    Important: Undertake registry modifications at your own risk, and only if you are confident in your ability to do so successfully. Serious, unsolvable problems that might require you to reinstall your operating system can occur if you modify the registry incorrectly.

  4. Type the following command:

    net start bbattachserver
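
To confirm the workaround took effect, the following read-only PowerShell check (an added example, not part of RIM's advisory) reports the `Enabled` value and the service state, using the key path from step 3 and the service name from step 2. It assumes PowerShell 3.0 or later; checking both registry views is also an assumption, since the advisory does not say whether the service reads the 32-bit or 64-bit view on 64-bit Windows.

```powershell
# Added example (not RIM's code): read-only audit of the workaround above.
# Key path, value name and service name are copied from the advisory's steps.
$subKey  = 'Software\Research In Motion\BBAttachEngine\Distillers\LoadPDFDistiller'
$svcName = 'bbattachserver'

function Get-DistillerState {
    param([Microsoft.Win32.RegistryView]$View)
    # Open HKLM in an explicit view so the answer does not depend on the shell's bitness.
    $hklm = [Microsoft.Win32.RegistryKey]::OpenBaseKey(
        [Microsoft.Win32.RegistryHive]::LocalMachine, $View)
    try {
        $key = $hklm.OpenSubKey($subKey)   # read-only handle
        if ($null -eq $key) { return 'key absent' }
        try {
            $value = $key.GetValue('Enabled', $null)
            if ($null -eq $value) { return 'Enabled value absent' }
            if ($key.GetValueKind('Enabled') -ne [Microsoft.Win32.RegistryValueKind]::DWord) {
                return 'Enabled is not a REG_DWORD'
            }
            if ($value -eq 0) { return 'disabled' }
            return "enabled ($value)"
        } finally { $key.Close() }
    } finally { $hklm.Close() }
}

# Assumption: on 64-bit Windows a 32-bit service would read the Registry32 view
# (WOW64 redirection of HKLM\Software); the advisory does not say which applies.
$views = foreach ($v in [Microsoft.Win32.RegistryView]::Registry64,
                        [Microsoft.Win32.RegistryView]::Registry32) {
    [pscustomobject]@{ View = $v; State = Get-DistillerState -View $v }
}
$views | Format-Table -AutoSize

$svc = Get-Service -Name $svcName -ErrorAction SilentlyContinue
$svcState = if ($svc) { $svc.Status } else { 'not installed' }
"Service '$svcName': $svcState"

# Flag hosts where the distiller is still enabled, or where step 4 was skipped.
if (@($views | Where-Object { $_.State -eq 'disabled' }).Count -eq 0) {
    Write-Warning 'PDF distiller is not disabled in any registry view.'
} elseif ($svc -and $svc.Status -ne 'Running') {
    Write-Warning 'Workaround is set, but the service is not running; complete step 4.'
}
```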

Additional Information


CVSS is a vendor-agnostic, industry open standard designed to convey the severity of vulnerabilities. CVSS scores may be used to determine the urgency for update deployment within an organization. CVSS scores range from 0.0 (no vulnerability) to 10.0 (critical). RIM uses CVSS in vulnerability assessments to present an immutable characterization of security issues. RIM assigns all security-relevant issues a non-zero score.

BlackBerry Security

Visit for more information on BlackBerry security.


RIM thanks Sean Larsson of iDefense Labs for reporting these issues to RIM, and working with RIM to protect its customers.

Change Log


Updates to article formatting. No technical content changed.

