US-CERT has issued a security advisory warning users against a security vulnerability in the PDF Distiller of the BlackBerry Attachment Service component for certain versions of the BlackBerry Enterprise
The attacker launches an attack by luring the victim to open a specially created PDF file on his BlackBerry smartphone which is associated with the user’s account on the BlackBerry Enterprise server. The PDF file is sent either as an e-mail attachment or as a file download link.
Research In Motion (RIM) has also issued a security advisory describing the problem in detail, and issued an update to rectify the vulnerability. A similar security issue for the PDF distiller for BlackBerry was discovered last year.