RIM warns of BlackBerry code execution security flaws

Research in Motion (RIM) has issued an advisory to warn of the risk of remote code execution attacks on the BlackBerry Enterprise Server.

The company shipped a patch that covers a total of five documented vulnerabilities that could be exploited via PNG or TIFF images.

From the RIM advisory:

Vulnerabilities exist in how the BlackBerry MDS Connection Service and the BlackBerry Messaging Agent process PNG and TIFF images for rendering on the BlackBerry smartphone. Successful exploitation of any of these vulnerabilities might allow an attacker to gain access to and execute code on the BlackBerry Enterprise Server. Depending on the privileges available to the configured BlackBerry Enterprise Server service account, the attacker might also be able to extend access to other non-segmented parts of the network.

To exploit these vulnerabilities in how the BlackBerry MDS Connection Service processes PNG and TIFF images, an attacker would need to create a specially crafted web page and then persuade the BlackBerry smartphone user to click a link to that web page. The attacker could provide the link to the user in an email or instant message.

To exploit these vulnerabilities in how the BlackBerry Messaging Agent processes PNG and TIFF images, an attacker would need to embed specially crafted PNG and TIFF images in an email message and send the message to the BlackBerry smartphone user. The user does not need to click a link or an image, or view the email message, for the attack to succeed in this scenario.