[nsp-sec] BlackBerry Security Advisory
Campisano, Mario
Mario.Campisano at Level3.com
Thu May 28 11:00:28 EDT 2009
UPDATED THE LINKS
Interesting article I came across last night. Figured I would pass it along, in case anyone missed it.
US-CERT Current Activity
BlackBerry Security Advisory
Original release date: May 27, 2009 at 8:55 am
Last revised: May 27, 2009 at 8:55 am
Research In Motion has released security advisory KB18327 to address multiple vulnerabilities in the PDF distiller of the BlackBerry Attachment Service. By convincing a user to open a specially crafted PDF file on a BlackBerry smartphone, an attacker may be able to execute arbitrary code on the computer hosting the BlackBerry Attachment Service.
US-CERT encourages users and administrators to review BlackBerry security advisory KB18327 and apply the update or implement the workarounds provided in the document to help mitigate the risks.
Relevant Url(s):
<http://www.blackberry.com/btsc/search.do?cmd=displayKC&docType=kc&externalId=KB18327><http://www.blackberry.com/btsc/search.do?cmd=displayKC&docType=kc&externalId=KB18327>
====
This entry is available at
http://www.us-cert.gov/current/index.html#blackberry_security_advisory2
Thank you,
Mario Campisano
Manager
Network Security Operations
Level 3 Communications, LLC
abuse at level3.com<mailto:abuse at level3.com>
securityoperations at level3.com<mailto:securityoperations at level3.com>
720-888-0012
------------------------------------------------------------------------------------
CONFIDENTIALITY NOTICE:
THE INFORMATION CONTAINED IN THIS MESSAGE MAY BE ATTORNEY PRIVILEGED AND CONFIDENTIAL INFORMATION INTENDED ONLY FOR THE USE OF THE INDIVIDUALS OR ENTITIES NAMED ABOVE. IF THE READER OF THIS MESSAGE IS NOT THE INTENDED RECIPIENT, OR THE EMPLOYEE OR AGENT RESPONSIBLE FOR DELIVERY OF IT TO THE INTENDED RECIPIENT, YOU ARE HEREBY NOTIFIED THAT ANY DISSEMINATION, DISTRIBUTION OR COPYING OF THIS COMMUNICATION IS STRICTLY PROHIBITED. IF YOU RECEIVED THIS COMMUNICATION IN ERROR, PLEASE IMMEDIATELY NOTIFY ME BY TELEPHONE OR E-MAIL, AND DESTROY THIS MESSAGE. THANK YOU.
More information about the nsp-security
mailing list