PDF distiller exploit lets hackers attack BlackBerry smartphones

Attackers can exploit PDF distiller for BlackBerry Attachment Service and execute malicious code. RIM issues security update.

US-CERT has issued a security advisory warning users against a security vulnerability in the PDF Distiller of the BlackBerry Attachment Service component for certain versions of the BlackBerry Enterprise Server. This security exploit allows an attacker to cause buffer overflow errors and execute arbitrary code on the system hosting the BlackBerry Attachment Service.

The attacker launches an attack by luring the victim to open a specially created PDF file on his BlackBerry smartphone which is associated with the user’s account on the BlackBerry Enterprise server. The PDF file is sent either as an e-mail attachment or as a file download link.

Research In Motion (RIM) has also issued a security advisory describing the problem in detail, and issued an update to rectify the vulnerability. A similar security issue for the PDF distiller for BlackBerry was discovered last year.

CW+

Features

Enjoy the benefits of CW+ membership, learn more and join.

Read more on Data breach incident management and recovery

Start the conversation

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

-ADS BY GOOGLE

SearchCIO

SearchSecurity

SearchNetworking

SearchDataCenter

SearchDataManagement

Close