Vulnerabilities in the PDF distiller of the BlackBerry Attachment Service

Published: 2009-12-01. Last Updated: 2009-12-01 23:32:03 UTC
by Chris Carboni (Version: 1)
1 comment(s)

Brian and Francois let us know about a new vulnerability in the  PDF distiller of the BlackBerry Attachment Service for the Blackberry Enterprise Server.

"Multiple security vulnerabilities exist in the PDF distiller of some released versions of the BlackBerry Attachment Service component of the BlackBerry Enterprise Server. These vulnerabilities could enable a malicious individual to send an email message containing a specially crafted PDF file, which when opened for viewing on a BlackBerry smartphone that is associated with a user account on a BlackBerry Enterprise Server, could cause memory corruption and possibly lead to a Denial of Service (DoS) condition or arbitrary code execution on the computer that hosts the BlackBerry Attachment Service component of that BlackBerry Enterprise Server."

The RIM announcement can be found here, and a brief US-CERT announcement is posted here.

Christopher Carboni - Handler On Duty

Keywords: Blackberry PDF
1 comment(s)

Clientless SSL VPN products break web browser domain-based security models

Published: 2009-12-01. Last Updated: 2009-12-01 12:50:28 UTC
by Chris Carboni (Version: 1)
0 comment(s)

Matt sent a note pointing to a new advisory issued by US-CERT

"By convincing a user to view a specially crafted web page, a remote attacker may be able to obtain VPN session tokens and read or modify content (including cookies, script, or HTML content) from any site accessed through the clientless SSL VPN. This effectively eliminates same origin policy restrictions in all browsers. For example, the attacker may be able to capture keystrokes while a user is interacting with a web page. Because all content runs at the privilege level of the web VPN domain, mechanisms to provide domain-based content restrictions, such as Internet Explorer security zones and the Firefox add-on NoScript, may be bypassed."

The complete advisory can be viewed here.

Christopher Carboni - Handler On Duty

Keywords: VPN SSL
0 comment(s)

Comments


Diary Archives