RIM has reported three newly discovered vulnerabilities in the BlackBerry 6 Webkit browser. The vulnerabilities could allow a hacker to modify data stored within a BlackBerry 6 smartphone's internal storage, and external media card.
"Successful exploitation of the vulnerabilities requires the BlackBerry smartphone user to browse to a website that the attacker has maliciously designed. A successful attack could result in remote code execution (RCE) on a smartphone running BlackBerry 6. An attacker exploiting these vulnerabilities could read or write to the built-in media storage section of a BlackBerry smartphone or to the media card but could not access user data that the email, calendar, and contact applications store in the application storage (the internal file system that stores application data and user data) of the BlackBerry smartphone."
RIM recommends updating to the latest version of the BlackBerry OS 6.
RIM also reported a BES bug that could affect organizations using Microsoft's Office Communications Server (OCS) 2007 R2 and/or the Microsoft Lync Server 2010 BlackBerry IM Client with certain versions of RIM's BES for Lotus Notes and BES for Microsoft Exchange.
To address the issue RIM released BES 5.0.3 maintenance release 4 (MR4) update. You can get the update at the link below.
"Successful exploitation of the vulnerabilities requires the BlackBerry smartphone user to browse to a website that the attacker has maliciously designed. A successful attack could result in remote code execution (RCE) on a smartphone running BlackBerry 6. An attacker exploiting these vulnerabilities could read or write to the built-in media storage section of a BlackBerry smartphone or to the media card but could not access user data that the email, calendar, and contact applications store in the application storage (the internal file system that stores application data and user data) of the BlackBerry smartphone."
RIM recommends updating to the latest version of the BlackBerry OS 6.
RIM also reported a BES bug that could affect organizations using Microsoft's Office Communications Server (OCS) 2007 R2 and/or the Microsoft Lync Server 2010 BlackBerry IM Client with certain versions of RIM's BES for Lotus Notes and BES for Microsoft Exchange.
To address the issue RIM released BES 5.0.3 maintenance release 4 (MR4) update. You can get the update at the link below.