1. dpeters11's Avatar
    02-18-13 09:09 PM
  2. Sith_Apprentice's Avatar
    As usual the workaround is either upgrade to MR2 or disable processing of the listed files with the vulnerability. Thanks for posting this.

    What is interesting:

    Affected Software

    • BlackBerry Enterprise Server Express version 5.0.4 and earlier for Microsoft Exchange and IBM Lotus Domino
    • BlackBerry Enterprise Server version 5.0.4 and earlier for Microsoft Exchange, IBM Lotus Domino and Novell Groupwise

    Note: The affected software includes versions that are no longer supported. Visit the Software Support Lifecycle site for information about supported BES versions. See the Resolution section of this advisory for more information on upgrading to a supported version for which a security software update is available.



    Non Affected Software

    • BlackBerry Device Software
    • BlackBerry Desktop Software
    • BlackBerry Enterprise Server version 5.0.4 MR1 and later for Microsoft Exchange, IBM Lotus Domino and Novell Groupwise
    • BlackBerry Enterprise Server Express version 5.0.4 (interim security update) and later for Microsoft Exchange and IBM Lotus Domino
    • BlackBerry Enterprise Service 10

    Note: BlackBerry Enterprise Server version 5.0.4. MR1 is no longer available. The current available software version for BlackBerry Enterprise Server is version 5.0.4 MR2.

    Superfly_FR likes this.
    02-19-13 06:20 AM
  3. dpeters11's Avatar
    I actually started to install MR1, but the compatibility level of my database was wrong, then found it had been pulled when they found issues with it.

    At least it's not another PDF vulnerability. I was getting tired of applying all those.
    Sith_Apprentice likes this.
    02-19-13 09:34 AM
  4. Sith_Apprentice's Avatar
    I had no problems with MR1 but applied MR2 to stay current.
    02-19-13 10:08 AM
  5. dbmalloy's Avatar
    Nice to see BB being straight forward on these issues...... rather refreshing considering how many times to competition is not as forthcoming....
    02-19-13 10:11 AM
  6. justin.lafleur's Avatar
    Does this also apply in BES 4.1.7 ?
    02-21-13 06:22 AM
LINK TO POST COPIED TO CLIPBOARD