Quick Links

Security vulnerability with PDF documents on BlackBerry Enterprise Server


Published: 17Jul2008

Due to a security vulnerability associated with PDF documents on the BlackBerry Enterprise Server, McGill is disabling PDF support for BlackBerry users until there is a resolution provided by Research in Motion.

Service will be interrupted between 11:00 pm and 12:00 am tonight, July 17, while changes on the BlackBerry server are implemented.

ā€œA security vulnerability in the PDF distiller of the BlackBerry Attachment Service could enable a malicious individual to use a specially crafted PDF file attachment in an email message to cause arbitrary code to execute on the computer that the BlackBerry Attachment Service runs on. If a BlackBerry smartphone user on a BlackBerry Enterprise Server opens and views the specially crafted PDF file attachment on the BlackBerry smartphone, the arbitrary code execution could compromise the computer.ā€

For full details see the problem description on the BlackBerry website.