Vulnerability Details : CVE-2009-2643
Multiple unspecified vulnerabilities in the PDF distiller in the Attachment Service component in Research In Motion (RIM) BlackBerry Enterprise Server (BES) software 4.1.3 through 5.0 and BlackBerry Professional Software 4.1.4 allow user-assisted remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted .pdf file attachment, a different vulnerability than CVE-2008-3246 and CVE-2009-0219.
Vulnerability category: Memory CorruptionExecute codeDenial of service
Products affected by CVE-2009-2643
- cpe:2.3:a:rim:blackberry_enterprise_server:4.1.3:*:*:*:*:*:*:*
- cpe:2.3:a:rim:blackberry_enterprise_server:4.1.4:*:*:*:*:*:*:*
- cpe:2.3:a:rim:blackberry_enterprise_server:4.1.5:*:*:*:*:*:*:*
- cpe:2.3:a:rim:blackberry_enterprise_server:4.1.6:*:*:*:*:*:*:*
- cpe:2.3:a:rim:blackberry_enterprise_server:4.1.6:mr4:*:*:*:*:*:*
- cpe:2.3:a:rim:blackberry_enterprise_server:5.0:*:*:*:*:*:*:*
- cpe:2.3:a:rim:blackberry_professional_software:4.1.4:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2009-2643
4.82%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 92 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2009-2643
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
9.3
|
HIGH | AV:N/AC:M/Au:N/C:C/I:C/A:C |
8.6
|
10.0
|
NIST |
References for CVE-2009-2643
Jump to