{"id":143,"date":"2010-12-15T11:14:23","date_gmt":"2010-12-15T17:14:23","guid":{"rendered":"http:\/\/www.digitallachance.com\/blog\/?p=143"},"modified":"2010-12-15T11:14:23","modified_gmt":"2010-12-15T17:14:23","slug":"vulnerability-in-the-pdf-distiller-of-the-blackberry-attachment-service-for-the-blackberry-enterprise-server","status":"publish","type":"post","link":"http:\/\/digitallachance.com\/blog\/2010\/12\/vulnerability-in-the-pdf-distiller-of-the-blackberry-attachment-service-for-the-blackberry-enterprise-server\/","title":{"rendered":"Vulnerability in the PDF distiller of the BlackBerry Attachment Service for the BlackBerry Enterprise Server"},"content":{"rendered":"<p>Looks like there has been another vulnerability discovered in the BlackBerry Enterprise Server PDF distiller of the BlackBerry Attachment Service.  This vulnerability is scoring 7.8 on the CVSS scale, so it is a high risk vulnerability.\u00a0 You should apply the patch to your BES server ASAP.<\/p>\n<p>See <a title=\"This will open a new window to the BlackBerry web site.\" href=\"http:\/\/www.blackberry.com\/btsc\/search.do?cmd=displayKC&amp;docType=kc&amp;externalId=KB24761\" target=\"_blank\">http:\/\/www.blackberry.com\/btsc\/search.do?cmd=displayKC&amp;docType=kc&amp;externalId=KB24761<\/a> for the details from RIM.<\/p>\n<p>If you haven&#8217;t already done so, you really should have the attachment service running in a segmented network in order to prevent the spread of malware.  The PDF distiller has required quite a few patches in the past few years and is, in my opinion, the weakest point in the whole BES architecture.\u00a0 See the BlackBerry technical notes on how to achieve segmentation <a title=\"This will open a new window to the BlackBerry web site.\" href=\"http:\/\/docs.blackberry.com\/en\/admin\/deliverables\/17843\/index.jsp?name=Placing+the+BlackBerry+Enterprise+Server+in+a+segmented+network+-+Technical+Note+-+BlackBerry+Enterprise+Server+for+Microsoft+Exchange5.0.2&amp;language=English&amp;userType=2&amp;category=BlackBerry+Enterprise+Server+for+Microsoft+Exchange&amp;subCategory=\" target=\"_blank\">here<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Looks like there has been another vulnerability discovered in the BlackBerry Enterprise Server PDF distiller of the BlackBerry Attachment Service.  <\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[3,11],"tags":[16,55,39,40,52],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v15.9 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Vulnerability in the PDF distiller of the BlackBerry Attachment Service for the BlackBerry Enterprise Server - IT A Digital Life<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/digitallachance.com\/blog\/2010\/12\/vulnerability-in-the-pdf-distiller-of-the-blackberry-attachment-service-for-the-blackberry-enterprise-server\/\" \/>\n<meta name=\"twitter:label1\" content=\"Est. reading time\">\n\t<meta name=\"twitter:data1\" content=\"1 minute\">\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebSite\",\"@id\":\"https:\/\/digitallachance.com\/blog\/#website\",\"url\":\"https:\/\/digitallachance.com\/blog\/\",\"name\":\"IT A Digital Life\",\"description\":\"All things digital\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":\"https:\/\/digitallachance.com\/blog\/?s={search_term_string}\",\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/digitallachance.com\/blog\/2010\/12\/vulnerability-in-the-pdf-distiller-of-the-blackberry-attachment-service-for-the-blackberry-enterprise-server\/#webpage\",\"url\":\"https:\/\/digitallachance.com\/blog\/2010\/12\/vulnerability-in-the-pdf-distiller-of-the-blackberry-attachment-service-for-the-blackberry-enterprise-server\/\",\"name\":\"Vulnerability in the PDF distiller of the BlackBerry Attachment Service for the BlackBerry Enterprise Server - IT A Digital Life\",\"isPartOf\":{\"@id\":\"https:\/\/digitallachance.com\/blog\/#website\"},\"datePublished\":\"2010-12-15T17:14:23+00:00\",\"dateModified\":\"2010-12-15T17:14:23+00:00\",\"author\":{\"@id\":\"https:\/\/digitallachance.com\/blog\/#\/schema\/person\/8a2f0b2a18af80d71541deadfac4d02f\"},\"breadcrumb\":{\"@id\":\"https:\/\/digitallachance.com\/blog\/2010\/12\/vulnerability-in-the-pdf-distiller-of-the-blackberry-attachment-service-for-the-blackberry-enterprise-server\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/digitallachance.com\/blog\/2010\/12\/vulnerability-in-the-pdf-distiller-of-the-blackberry-attachment-service-for-the-blackberry-enterprise-server\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/digitallachance.com\/blog\/2010\/12\/vulnerability-in-the-pdf-distiller-of-the-blackberry-attachment-service-for-the-blackberry-enterprise-server\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"item\":{\"@type\":\"WebPage\",\"@id\":\"https:\/\/digitallachance.com\/blog\/2010\/12\/vulnerability-in-the-pdf-distiller-of-the-blackberry-attachment-service-for-the-blackberry-enterprise-server\/\",\"url\":\"https:\/\/digitallachance.com\/blog\/2010\/12\/vulnerability-in-the-pdf-distiller-of-the-blackberry-attachment-service-for-the-blackberry-enterprise-server\/\",\"name\":\"Vulnerability in the PDF distiller of the BlackBerry Attachment Service for the BlackBerry Enterprise Server\"}}]},{\"@type\":\"Person\",\"@id\":\"https:\/\/digitallachance.com\/blog\/#\/schema\/person\/8a2f0b2a18af80d71541deadfac4d02f\",\"name\":\"Francois\",\"image\":{\"@type\":\"ImageObject\",\"@id\":\"https:\/\/digitallachance.com\/blog\/#personlogo\",\"inLanguage\":\"en-US\",\"url\":\"http:\/\/0.gravatar.com\/avatar\/ce2ee0649f3fb6a643ffff9a9f1e63e4?s=96&d=mm&r=g\",\"caption\":\"Francois\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","_links":{"self":[{"href":"http:\/\/digitallachance.com\/blog\/wp-json\/wp\/v2\/posts\/143"}],"collection":[{"href":"http:\/\/digitallachance.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/digitallachance.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/digitallachance.com\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"http:\/\/digitallachance.com\/blog\/wp-json\/wp\/v2\/comments?post=143"}],"version-history":[{"count":0,"href":"http:\/\/digitallachance.com\/blog\/wp-json\/wp\/v2\/posts\/143\/revisions"}],"wp:attachment":[{"href":"http:\/\/digitallachance.com\/blog\/wp-json\/wp\/v2\/media?parent=143"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/digitallachance.com\/blog\/wp-json\/wp\/v2\/categories?post=143"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/digitallachance.com\/blog\/wp-json\/wp\/v2\/tags?post=143"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}