Vulnerability Name:

CCN-18923

Published: 2005-01-17
Updated: 2005-01-17
Summary: BlackBerry Enterprise Server is vulnerable to a denial of service attack, caused by a vulnerability in the Mobile Data Service. By creating a malicious WML (Wireless Markup Language) page, a remote attacker could consume all available CPU resources once the victim visits the malicious Web page.
CVSS v3 Severity: 5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
Exploitability Metrics: Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope: Scope (S): Unchanged
Impact Metrics: Confidentiality (C): None
Integrity (I): None
Availability (A): Low
CVSS v2 Severity: 5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)
Exploitability Metrics: Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics: Confidentiality (C): None
Integrity (I): None
Availability (A): Partial
Vulnerability Consequences: Denial of Service
References: Source: CCN
Type: Research In Motion Limited (RIM) Web site
BlackBerry Enterprise Server for Microsoft Exchange

Source: CCN
Type: BID-12282
Research In Motion Blackberry Enterprise Server Mobile Data Service Denial Of Service Vulnerability

Source: XF
Type: UNKNOWN
blackberry-mobile-wml-dos(18923)

Vulnerable Configuration: Configuration CCN 1:
  • cpe:/a:rim:blackberry_enterprise_server:3.6:*:*:*:*:*:*:*
  • OR cpe:/a:rim:blackberry_enterprise_server:4.0:*:*:*:*:*:*:*
  • OR cpe:/a:rim:blackberry_enterprise_server:4.0_sp1:*:*:*:*:*:*:*
  • OR cpe:/a:rim:blackberry_enterprise_server:3.6.1:*:*:*:*:*:*:*
  • OR cpe:/a:rim:blackberry_enterprise_server:3.6_sp1a:*:*:*:*:*:*:*
  • OR cpe:/a:rim:blackberry_enterprise_server:2.2_sp4:*:*:*:*:*:*:*
  • OR cpe:/a:rim:blackberry_enterprise_server:2.2_sp3a:*:*:*:*:*:*:*
  • OR cpe:/a:rim:blackberry_enterprise_server:2.2_sp2a:*:*:*:*:*:*:*
  • OR cpe:/a:rim:blackberry_enterprise_server:2.2_sp2:*:*:*:*:*:*:*
  • OR cpe:/a:rim:blackberry_enterprise_server:2.2:*:*:*:*:*:*:*

  • * Denotes that component is vulnerable
    rim blackberry enterprise server 3.6
    rim blackberry enterprise server 4.0
    rim blackberry enterprise server 4.0_sp1
    rim blackberry enterprise server 3.6.1
    rim blackberry enterprise server 3.6_sp1a
    rim blackberry enterprise server 2.2_sp4
    rim blackberry enterprise server 2.2_sp3a
    rim blackberry enterprise server 2.2_sp2a
    rim blackberry enterprise server 2.2_sp2
    rim blackberry enterprise server 2.2