Vulnerabilities (CVE)

Filtered by vendor Rim Subscribe
Total 36 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2009-3038 2 Ibm, Rim 2 Lotus Notes Connector, Blackberry Desktop Manager 2024-02-28 4.3 MEDIUM N/A
A certain ActiveX control in lnresobject.dll 7.1.1.119 in the Research In Motion (RIM) Lotus Notes connector for BlackBerry Desktop Manager 5.0.0.11 allows remote attackers to cause a denial of service (Internet Explorer crash) by referencing the control's CLSID in the classid attribute of an OBJECT element.
CVE-2008-3246 2 Blackberry, Rim 7 Enterprise Server, Unite, Blackberry Enterprise Server and 4 more 2024-02-28 9.3 HIGH N/A
Unspecified vulnerability in the PDF distiller component in the BlackBerry Attachment Service in BlackBerry Unite! 1.0 SP1 (1.0.1) before bundle 36 and BlackBerry Enterprise Server 4.1 SP3 (4.1.3) through 4.1 SP5 (4.1.5) allows user-assisted remote attackers to execute arbitrary code via a crafted PDF file attachment.
CVE-2009-0307 1 Rim 1 Blackberry Enterprise Server 2024-02-28 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in the "Customize Statistics Page" (admin/statistics/ConfigureStatistics) in the MDS Connection Service in Research in Motion (RIM) BlackBerry Enterprise Server (BES) before 4.1.6 MR5 allows remote attackers to inject arbitrary web script or HTML via the (1) customDate, (2) interval, (3) lastCustomInterval, (4) lastIntervalLength, (5) nextCustomInterval, (6) nextIntervalLength, (7) action, (8) delIntervalIndex, (9) addStatIndex, (10) delStatIndex, and (11) referenceTime parameters.
CVE-2009-3477 1 Rim 1 Blackberry Device Software 2024-02-28 6.8 MEDIUM N/A
The Blackberry Browser in RIM BlackBerry Device Software 4.5.0 before 4.5.0.173, 4.6.0 before 4.6.0.303, 4.6.1 before 4.6.1.309, 4.7.0 before 4.7.0.179, and 4.7.1 before 4.7.1.57 does not properly handle "hidden" characters including a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows remote man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.
CVE-2007-3444 1 Rim 2 Blackberry 7270, Blackberry Software 2024-02-28 4.3 MEDIUM N/A
The Research in Motion BlackBerry 7270 with 4.0 SP1 Bundle 83 allows remote attackers to cause a denial of service (blocked call reception) via a malformed SIP invite message, possibly related to multiple format string specifiers in the From field, a spoofed source IP address, and limitations of the function stack frame.
CVE-2007-1441 1 Rim 3 Blackberry, Blackberry 8100, Blackberry Browser 2024-02-28 4.3 MEDIUM N/A
The 4thPass browser (BlackBerry Browser) on the RIM BlackBerry 8100 (Pearl) before 4.2.1 allows remote attackers to cause a denial of service (temporary functionality loss) via a long href attribute in a link in a WML page.
CVE-2006-5489 1 Rim 1 Blackberry Enterprise Server 2024-02-28 5.0 MEDIUM N/A
Research in Motion (RIM) BlackBerry Enterprise Server 4.1 SP2 before Hotfix 1 for IBM Lotus Domino might allow attackers with meeting organizer privileges to cause a denial of service (application hang) via a deleted recurrent meeting instance when changing the attendee's calendar meeting time.
CVE-2007-0323 1 Rim 1 Teamon Import Object Activex Control 2024-02-28 7.5 HIGH N/A
Buffer overflow in the SetLanguage function in Research In Motion (RIM) TeamOn Import Object ActiveX control (TOImport.dll) allows remote attackers to execute arbitrary code via unspecified vectors.
CVE-2007-3483 1 Rim 1 Blackberry Enterprise Server 2024-02-28 10.0 HIGH N/A
Research in Motion BlackBerry Enterprise Server 4.0 through 4.1 has a default configuration that permits installation of arbitrary third-party applications on BlackBerry devices, which might facilitate loading of malware.
CVE-2005-2343 1 Rim 3 Blackberry, Blackberry Desktop Manager, Blackberry Device Software 2024-02-28 2.6 LOW N/A
Research in Motion (RIM) BlackBerry Handheld web browser for BlackBerry Handheld before 4.0.2 allows remote attackers to cause a denial of service (hang) via a Java Application Description (JAD) file with a long application name and vendor string, which prevents a browser dialog from being properly dismissed.
CVE-2006-0761 1 Rim 1 Blackberry Enterprise Server 2024-02-28 5.1 MEDIUM N/A
Buffer overflow in BlackBerry Attachment Service in Research in Motion (RIM) BlackBerry Enterprise Server 2.2 and 4.0 before SP3 Hotfix 4 for IBM Lotus Domino, 3.6 before SP7 and 5.0 before SP3 Hotfix 3 for Microsoft Exchangem, and 4.0 for Novell GroupWise before SP3 Hotfix 1 might allow user-assisted remote attackers to execute arbitrary code on the server via a crafted Microsoft Word document that is opened on a wireless device.
CVE-2005-4848 1 Rim 1 Blackberry Enterprise Server 2024-02-28 7.5 HIGH N/A
Buffer overflow in the decompression algorithm in Research in Motion BlackBerry Enterprise Server 4.0 SP1 and earlier before 20050607 might allow remote attackers to execute arbitrary code via certain data packets.
CVE-2005-2341 1 Rim 2 Blackberry Attachment Service, Blackberry Enterprise Server 2024-02-28 7.5 HIGH N/A
Heap-based buffer overflow in Research in Motion (RIM) BlackBerry Attachment Service allows remote attackers to cause a denial of service (hang) via an e-mail attachment with a crafted TIFF file.
CVE-2005-2344 1 Rim 1 Blackberry Enterprise Server 2024-02-28 5.0 MEDIUM N/A
The BlackBerry Attachment Service in Research in Motion (RIM) BlackBerry Enterprise Server (BES) 4.0 to version 4.0 Service Pack 2 allows attackers to cause a denial of service via a malformed Portable Network Graphics (PNG) file that triggers a heap-based buffer overflow.
CVE-2005-2342 1 Rim 2 Blackberry Enterprise Server, Blackberry Router 2024-02-28 7.8 HIGH N/A
Research in Motion (RIM) BlackBerry Router allows remote attackers to cause a denial of service (communication disruption) via crafted Server Routing Protocol (SRP) packets.
CVE-2004-1597 1 Rim 1 Blackberry 2024-02-28 5.0 MEDIUM N/A
RIM Blackberry 7230 running RIM Blackberry OS 3.7 SP1 allows remote attackers to cause a denial of service (device reboot and possibly data corruption) via a calendar message with a long Location field, which triggers a watchdog while the message is being stored.