Secunia Security Advisory - A vulnerability has been reported in BlackBerry Enterprise Server, which can be exploited by malicious people to cause a DoS (Denial of Service).
466942874d911547aca6456b8ff4c50d84410df74e1c7ac4830a883bb052f1e8
TITLE:
BlackBerry Enterprise Server Mobile Data Service Denial of Service
SECUNIA ADVISORY ID:
SA13861
VERIFY ADVISORY:
http://secunia.com/advisories/13861/
CRITICAL:
Less critical
IMPACT:
DoS
WHERE:
>From remote
SOFTWARE:
BlackBerry Enterprise Server for Exchange 4.x
http://secunia.com/product/4530/
BlackBerry Enterprise Server for Domino 2.x
http://secunia.com/product/4528/
BlackBerry Enterprise Server for Domino 4.x
http://secunia.com/product/4531/
BlackBerry Enterprise Server for Exchange 3.x
http://secunia.com/product/1952/
DESCRIPTION:
A vulnerability has been reported in BlackBerry Enterprise Server,
which can be exploited by malicious people to cause a DoS (Denial of
Service).
The vulnerability is caused due to an error in the Mobile Data
Service when processing WML (Wireless Markup Language) pages and can
be exploited by tricking a user into viewing a malicious WML page
containing an URL without space characters in the comment block.
Successful exploitation causes a 100% CPU utilisation.
SOLUTION:
The vulnerability has been fixed in the following versions:
* BlackBerry Enterprise Server for Domino 2.2 Service Pack 4 Hot Fix
2
* BlackBerry Enterprise Server for Microsoft Exchange 3.6 Service
Pack 4 Hot Fix 2
Secunia is currently not aware of any available fixes for the
following affected versions:
* BlackBerry Enterprise Server for Microsoft Exchange 4.0
* BlackBerry Enterprise Server for Domino 4.0
PROVIDED AND/OR DISCOVERED BY:
Reported by vendor.
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed