BlackBerry Forums Support Community
              

Old 07-11-2008, 07:18 AM   #1
hdawg
Vulnerability Notice - PDF distiller of the BlackBerry Attachment Service for the BBU


KB15770 - Vulnerability in the PDF distiller of the BlackBerry Attachment Service for BlackBerry Unite

-----

Environment

* BlackBerry® Unite!™ software versions earlier than 1.0 Service Pack 1 (1.0.1) bundle 36



Overview

This advisory describes a security issue that the BlackBerry Attachment Service component of BlackBerry Unite! is susceptible to. The issue relates to a known vulnerability in the PDF distiller component of the BlackBerry Attachment Service that affects how the BlackBerry Attachment Service processes PDF files.

This vulnerability has a Common Vulnerability Scoring System (CVSS) score of 9.0.


Problem

A security vulnerability in the PDF distiller of the BlackBerry Attachment Service could enable a malicious individual to use a specially crafted PDF file attachment in an email message to cause arbitrary code to execute on the computer that the BlackBerry Attachment Service runs on. If a BlackBerry smartphone user on BlackBerry Unite! opens and views the specially crafted PDF file attachment on the BlackBerry smartphone, the arbitrary code execution could compromise the computer.


Resolution

Upgrade to BlackBerry Unite! version 1.0 Service Pack 1 (1.0.1) bundle 36 or later. To obtain the BlackBerry Unite! software, visit BlackBerry.


Workaround

Note: As a mobile device best practice, Research In Motion (RIM) recommends that BlackBerry smartphone users open attachments from trusted sources only.

Prevent the BlackBerry Attachment Service from processing PDF files in a BlackBerry Unite! environment

Warning: The following procedure involves modifying the computer registry. This can cause substantial damage to the Windows® operating system. Document and back up the registry entries prior to implementing any changes.

1. Open the command prompt.
2. Type the following command:

net stop bbattachserver

3. Type the following command:

reg.exe ADD "HKLM\Software\Research In Motion\BBAttachEngine\Distillers\LoadPDFDistiller" /v Enabled /t REG_DWORD /d 0

Important: Undertake registry modifications at your own risk, and only if you are confident in your ability to do so successfully. Serious, unsolvable problems that might require you to reinstall your operating system can occur if you modify the registry incorrectly.

4. Type the following command:

net start bbattachserver



Additional Information

CVSS is a vendor agnostic, industry open standard designed to convey the severity of vulnerabilities. CVSS scores may be used to determine the urgency for update deployment within an organization. CVSS scores range from 0.0 (no vulnerability) to 10.0 (critical). RIM uses CVSS in vulnerability assessments to present an immutable characterization of security issues. RIM assigns all security relevant issues a non-zero score.

Visit BlackBerry - BlackBerry Enterprise Solution | Wireless Network Security for Corporate Data for more information on BlackBerry security.
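
The workaround steps above as one batch file, with the registry backup the warning asks for and a check afterwards that the value took effect and the service came back. This is an added example, not part of the original post or of RIM's advisory. The backup file name and the choice to keep an earlier backup are assumptions, and the service name is the one used in step 2.

```batch
@echo off
rem Added example (not from the advisory): apply the PDF distiller workaround
rem with a backup first and a verification afterwards. Run as administrator.
setlocal
set "KEY=HKLM\Software\Research In Motion\BBAttachEngine\Distillers\LoadPDFDistiller"
set "SVC=bbattachserver"
rem Assumption: the backup is written next to this script under this name.
set "BACKUP=%~dp0LoadPDFDistiller-backup.reg"

rem Back up the key only if it exists, and never overwrite an earlier backup,
rem so the file always holds the state from before the first change.
reg.exe query "%KEY%" >nul 2>&1
if errorlevel 1 goto apply
if exist "%BACKUP%" goto apply
reg.exe export "%KEY%" "%BACKUP%" >nul
if errorlevel 1 (
    echo Backup of the registry key failed; nothing was changed.
    exit /b 1
)
echo Existing key saved to "%BACKUP%"

:apply
rem Steps 2 to 4 of the workaround.
net stop %SVC%
reg.exe add "%KEY%" /v Enabled /t REG_DWORD /d 0 /f
if errorlevel 1 (
    echo Registry write failed; starting the service with its old settings.
    net start %SVC%
    exit /b 1
)
net start %SVC%

rem Verify the value. reg.exe prints a DWORD of zero as 0x0, and non-zero
rem values have no leading zero, so this pattern matches zero only.
reg.exe query "%KEY%" /v Enabled | findstr /r /c:"REG_DWORD.*0x0" >nul
if errorlevel 1 (
    echo WARNING: Enabled is not 0; the PDF distiller may still be loaded.
    exit /b 1
)

rem Verify the service restarted, so other attachment types still work.
sc.exe query %SVC% | findstr /i "RUNNING" >nul
if errorlevel 1 (
    echo WARNING: service %SVC% is not running.
    exit /b 1
)
echo Workaround in place: PDF distiller disabled, %SVC% running.
```

To undo the workaround after upgrading, stop the service, import the saved .reg file with reg.exe import, and start the service again.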
Old 07-15-2008, 08:24 AM   #2
hrbuckley

Unite Release 1.0.1 Bundle 37 came out over the weekend. I don't see any obvious changes to the UI. Related to the vulnerability?