Friday, August 12, 2011

BB server remote execution vulnerabilty: CVSS score 10 !!!!

RIM issue a critical update on BB server

Vulnerabilities in BlackBerry Enterprise Server components that process images could allow remote code execution

These vulnerabilities have a Common Vulnerability Scoring System (CVSS) score of 10.0 (high severity).

Scary shit..

to get SVSS score of 10 seems to be a "perfect" vulnerability.

Vulnerabilities exist in how the BlackBerry MDS Connection Service and the BlackBerry Messaging Agent process PNG and TIFF images for rendering on the BlackBerry smartphone. Successful exploitation of any of these vulnerabilities might allow an attacker to gain access to and execute code on the BlackBerry Enterprise Server.

many enterprises consider BB good as it's secure... :-B



Post a Comment

Subscribe to Post Comments [Atom]

<< Home