This CPE summary could be partial or incomplete. Please contact us for a detailed listing.


Vendor Rim First view 2009-11-04
Product Blackberry Desktop Software Last view 2010-12-17
Version 1.0 Type Application
Update *  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
CPE Product cpe:2.3:a:rim:blackberry_desktop_software

Activity : Overall

Related : CVE

  Date Alert Description
2.1 2010-12-17 CVE-2010-2603

RIM BlackBerry Desktop Software 4.7 through 6.0 for PC, and 1.0 for Mac, uses a weak password to encrypt a database backup file, which makes it easier for local users to decrypt the file via a brute force attack.

9.3 2010-09-15 CVE-2010-2600

Untrusted search path vulnerability in BlackBerry Desktop Software before allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse DLL that is located in the same folder as a file that is processed by Blackberry.

9.3 2009-11-04 CVE-2009-0306

Buffer overflow in the IBM Lotus Notes Intellisync ActiveX control in lnresobject.dll in BlackBerry Desktop Manager in Research In Motion (RIM) BlackBerry Desktop Software before 5.0.1 allows remote attackers to execute arbitrary code via a crafted web page. NOTE: some of these details are obtained from third party information.

CWE : Common Weakness Enumeration

50% (1) CWE-310 Cryptographic Issues
50% (1) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer

Open Source Vulnerability Database (OSVDB)

id Description
69928 BlackBerry Desktop Software Database Backup File Password Brute Force Weakness
67992 BlackBerry Desktop Software Path Subversion Arbitrary DLL Injection Code Exec...
59748 IBM Lotus Notes Intellisync in BlackBerry Desktop Manager lnresobject.dll Act...

OpenVAS Exploits

id Description
2011-02-01 Name : BlackBerry Desktop Software Information Disclosure Vulnerability
File : nvt/secpod_blackberry_desktop_sec_bypass_vuln.nasl
2010-09-23 Name : BlackBerry Desktop Software Insecure Library Loading Vulnerability
File : nvt/secpod_blackberry_desktop_insecure_lib_load_vuln_win.nasl

Information Assurance Vulnerability Management (IAVM)

id Description
2010-A-0132 BlackBerry Desktop Software Remote Code Execution Vulnerability
Severity: Category II - VMSKEY: V0025352
2009-A-0112 Blackberry Desktop Manager Remote Code Execution Vulnerability
Severity: Category II - VMSKEY: V0021926

Nessus® Vulnerability Scanner

id Description
2010-12-30 Name: The remote Windows host contains a program that uses a weak password to encry...
File: blackberry_desktop_software_6_0_1.nasl - Type: ACT_GATHER_INFO
2010-09-24 Name: The remote Windows host contains a program that is affected by a DLL loading ...
File: blackberry_desktop_software_6_0_b47.nasl - Type: ACT_GATHER_INFO
2009-11-04 Name: The remote Windows host has an ActiveX control that is allows remote executio...
File: blackberry_intellisync_activex_cmd_exec.nasl - Type: ACT_GATHER_INFO