Welcome Guest [Log In] [Register]

Kia Ora
You are currently viewing our forum as a guest. This means you are limited to certain areas of the board and that there are some features you can't use or read.

We are an active community of worldwide senior members participating in chat, politics, travel, health, blogging, graphics, computer issues & help, book club, literature & poetry, finance discussions, recipe exchange and much more. Also, as a member you will be able to access member only sections, many features, send personal messages, make new friends, etc.

Registration is simple, fast and completely free. Why not register today and become a part of the group. Registration button at the very top left of the page.

Thank you for stopping by.

Join our community!

In case of difficulty, email worldwideseniors.org@gmail.com.
If you're already a member please log in to your account to access all of our features:

Username:   Password:
Add Reply
Images used to break into BlackBerry servers
Topic Started: Aug 15 2011, 06:39 PM (47 Views)
Deleted User
Deleted User

Quote:
 
Images used to break into BlackBerry servers

RIM has issued a warning of a critical security hole in its BlackBerry Enterprise Server, which attackers can use to compromise a system remotely. The image.dll library prepares images on web sites and as email attachments for display on Blackberries but trips over specially crafted PNG and TIFF files in the process. If users get an email or surf to a web site containing such an image, the vulnerable conversion process is launched on the server, thereby executing malicious code. Up till now, most critical holes on Blackberry servers have been related to the PDF distiller.

Versions 5.0.1 to 5.0.3 MR2 of the BlackBerry Enterprise Server for Microsoft Exchange and Lotus Domino, versions 4.1.7 and 5.0.1 to 5.0.1 MR3 for Novell GroupWise, and the Express versions 5.0.1 to 5.0.3 for Exchange and 5.0.2 to 5.0.3 for Domino are vulnerable. RIM has provided patches on its server downloads site for all vulnerable versions and advises server admins to install them immediately. As a workaround, the vendor shows how you can prevent rich content in emails and the display of inline elements on web sites.

(djwm) http://www.h-online.com/security/news/item/Images-used-to-break-into-BlackBerry-servers-1322436.html

Quote Post Goto Top
 
1 user reading this topic (1 Guest and 0 Anonymous)
« Previous Topic · ALERTS, UPDATES, WARNINGS, NEWS · Next Topic »
Add Reply