RIM Advisory Warns of Code Execution Vulnerability in BES

Canadian smartphone maker Research In Motion (RIM) recently released a cautionary document for users of its famous BlackBerry mobile phone, disclosing vulnerabilities present in the system that pose a risk of remote exploitation.

RIM has issued an advisory for BlackBerry users explaining how the five existing flaws could expose BlackBerry’s Business Server to remote attacks.

“Vulnerabilities exist in how the BlackBerry MDS Connection Service and the BlackBerry Messaging Agent process PNG and TIFF images for rendering on the BlackBerry smartphone. Successful exploitation of any of these vulnerabilities might allow an attacker to gain access to and execute code on the BlackBerry Enterprise Server,” the advisory from RIM reads.

According to ZDNet, the Canada-based BlackBerry maker has already released a patch to fix the flaws and protect its Enterprise Servers from exploitation by unknown sources, since the flaws can easily be exploited remotely to execute code.

According to the details available, attackers can gain access to other parts of the server if the attempt to break in succeeds. All a hacker needs to do is create a special webpage with a link and convince a BlackBerry user to click on it. The rest is handled automatically by the exploit code.