BlackBerry Overview
Local Navigation
Research In Motion (RIM) has reported the following security issues for BlackBerry® Enterprise Solution. The links below outline the specific issue regarding each vulnerability and the software update that addresses it.
- Vulnerability in the BlackBerry Desktop Manager allows remote code execution (November 3, 2009)
- BlackBerry Browser dialog box does not clearly indicate mismatches between web site domain names and associated certificates (September 28, 2009)
- Vulnerabilities in the PDF distiller of the BlackBerry Attachment Service for the BlackBerry Enterprise Server (May 26, 2009)
- Vulnerabilities in the PDF distiller of the BlackBerry Attachment Service for the BlackBerry Enterprise Server (April 16, 2009)
- Cross site scripting vulnerability in the BlackBerry Enterprise Server MDS Connection Service (April 16, 2009)
- Vulnerability exists in BlackBerry Application Web Loader ActiveX control (February 10, 2009) – Updated
- Vulnerabilities in the PDF distiller of the BlackBerry Attachment Service for the BlackBerry Enterprise Server (January 12, 2009)
- Vulnerabilities in the PDF distiller of the BlackBerry Attachment Service for BlackBerry Unite (January 12, 2009)
- Updating an ActiveX control that the Roxio Media Manager uses (November 27, 2008) – Updated
- Recommendation on the use of administrative roles in the BlackBerry Manager (November 26, 2008)
- Vulnerability in the PDF distiller of the BlackBerry Attachment Service for BlackBerry Unite (July 10, 2008)
- Vulnerability in the PDF distiller of the BlackBerry Attachment Service for the BlackBerry Enterprise Server (July 10, 2008)
- Updating the Microsoft® GDI component that the BlackBerry® Attachment Service uses (April 28, 2008) – Updated
- TeamOn Import Object ActiveX control vulnerability (May 9, 2007) – Updated
- SIP INVITE vulnerability in From field format string on the BlackBerry® 7270 smartphone (March 27, 2007)
- BlackBerry 7270 smartphone does not handle SIP INVITE messages properly (March 27, 2007)
- SIP INVITE URI user name format string vulnerability in the BlackBerry 7270 smartphone (March 27, 2007)
- Protecting the BlackBerry device and BlackBerry® Enterprise Server against malware (March 20, 2007)
- Temporary denial of service in the BlackBerry® Browser (March 11, 2007)
- Denial of service on the BlackBerry Router (May 10, 2006)
- Browser dialogue box not properly dismissed after downloading a corrupt JAD file (May 4, 2006)
- Corrupt Word file may cause buffer overflow in the BlackBerry Attachment Service (February 9, 2006)
- Corrupt TIFF file may cause heap overflow resulting in denial of service in the BlackBerry Attachment Service (January 20, 2006)
- Corrupt PNG file may cause heap overflow in the BlackBerry Attachment Service (January 6, 2006)
- RIM analysis of buffer overrun in decompression algorithm (June 7, 2005)
- HexView advisory on BlackBerry device buffer overflow and data loss (October 29, 2004)
Other Resources
- Subscribe to the BlackBerry Security Notices RSS feed to receive notification of all BlackBerry security advisories. View all available RSS feeds.
- Read about BlackBerry security certifications
- Security Knowledge Base
