PDF distiller exploit lets hackers attack BlackBerry smartphones

Security Alert

PDF distiller exploit lets hackers attack BlackBerry smartphones

SearchSecurity.in Staff

US-CERT has issued a security advisory warning users against a security vulnerability in the PDF Distiller of the BlackBerry Attachment Service component for certain versions of the BlackBerry Enterprise

Continue Reading This Article

Enjoy this article as well as all of our content, including E-Guides, news, tips and more.

Server. This security exploit allows an attacker to cause buffer overflow errors and execute arbitrary code on the system hosting the BlackBerry Attachment Service.

The attacker launches an attack by luring the victim to open a specially created PDF file on his BlackBerry smartphone which is associated with the user’s account on the BlackBerry Enterprise server. The PDF file is sent either as an e-mail attachment or as a file download link.

Research In Motion (RIM) has also issued a security advisory describing the problem in detail, and issued an update to rectify the vulnerability. A similar security issue for the PDF distiller for BlackBerry was discovered last year.