{"id":9313,"date":"2013-02-19T21:39:22","date_gmt":"2013-02-20T03:39:22","guid":{"rendered":"http:\/\/bucktownbell.com\/?p=9313"},"modified":"2013-02-19T21:44:28","modified_gmt":"2013-02-20T03:44:28","slug":"tiff-files-can-attack-blackberry-server","status":"publish","type":"post","link":"http:\/\/bucktownbell.com\/?p=9313","title":{"rendered":"TIFF Files Can Attack BlackBerry Server"},"content":{"rendered":"<blockquote><p>Hiding malicious code inside image files isn\u2019t new: way back in ye olden days of 2004, malware hidden inside JPEG files plagued Windows machines. Some administrators are doubtlessly wondering why, after all this time, this sort of vulnerability hasn\u2019t been decisively eliminated from the online world.<\/p><\/blockquote>\n<p>via <a href=\"http:\/\/slashdot.org\/topic\/datacenter\/tiff-files-can-attack-blackberry-server\/\">TIFF Files Can Attack BlackBerry Server<\/a>.<\/p>\n<p>From: <a href=\"https:\/\/threatpost.com\/en_us\/blogs\/blackberry-vulnerability-could-allow-access-enterprise-server-021913\">BlackBerry Vulnerability Could Allow Access to Enterprise Server<\/a><\/p>\n<blockquote><p>An attacker could rig a TIFF image with malware and get a user to either view the image via a specially crafted website or send it to the user via email or instant message. The last two exploit vectors could make it so <strong>the user wouldn\u2019t have to click the link or image, or view the email or instant message<\/strong>, for the attack to prove successful. Once executed, an attacker could access and execute code on Blackberry\u2019s Enterprise Server. <a href=\"http:\/\/btsc.webapps.blackberry.com\/btsc\/viewdocument.do?externalId=KB33425&amp;sliceId=1&amp;cmd=displayKC&amp;docType=kc&amp;noCount=true&amp;ViewedDocsListHelper=com.kanisa.apps.common.BaseViewedDocsListHelperImpl#CAenvironmentSection\" target=\"_blank\">According to the advisory<\/a>, an attacker could also &#8220;extend access to other non-segmented parts of the network,\u201d depending on privileges.<\/p><\/blockquote>\n","protected":false},"excerpt":{"rendered":"<p>Hiding malicious code inside image files isn\u2019t new: way back in ye olden days of 2004, malware hidden inside JPEG files plagued Windows machines. Some administrators are doubtlessly wondering why, after all this time, this sort of vulnerability hasn\u2019t been &hellip; <a href=\"http:\/\/bucktownbell.com\/?p=9313\">Continue reading <span class=\"meta-nav\">&rarr;<\/span><\/a><\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[284],"tags":[427,550],"class_list":["post-9313","post","type-post","status-publish","format-standard","hentry","category-servers","tag-exploit","tag-rim"],"_links":{"self":[{"href":"http:\/\/bucktownbell.com\/index.php?rest_route=\/wp\/v2\/posts\/9313","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/bucktownbell.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/bucktownbell.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/bucktownbell.com\/index.php?rest_route=\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"http:\/\/bucktownbell.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=9313"}],"version-history":[{"count":2,"href":"http:\/\/bucktownbell.com\/index.php?rest_route=\/wp\/v2\/posts\/9313\/revisions"}],"predecessor-version":[{"id":9314,"href":"http:\/\/bucktownbell.com\/index.php?rest_route=\/wp\/v2\/posts\/9313\/revisions\/9314"}],"wp:attachment":[{"href":"http:\/\/bucktownbell.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=9313"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/bucktownbell.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=9313"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/bucktownbell.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=9313"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}