Consumers are indifferent to the many serious security risks associated with the storage and transmission of sensitive personal data on iPhone, Blackberry and Android devices, according to The Ponemon Institute.
On the second day of the Pwn2Own contest held at the CanSecWest conference, iPhone and Blackberry devices have been successfully exploited, while the scheduled Android and Windows Phone 7 attacks didn't take place because the contestants didn't show up.
A vulnerability in the BlackBerry Attachment Service component of the BlackBerry Enterprise Server could allow a malicious individual to cause buffer overflow errors, leading to a DoS condition or possibly arbitrary code execution on the computer that the BlackBerry Attachment Service runs on. Successful exploitation of this issue requires a malicious individual to persuade a BlackBerry smartphone user to open a specially crafted PDF file on a BlackBerry smartphone that is associated with a user account on a BlackBerry Enterprise Server. The PDF file may be attached to an email message, or the BlackBerry smartphone user may retrieve it from a web site using the Get Link menu item on the BlackBerry smartphone. RIM has resolve the vulnerability in affected versions of the BlackBerry Enterprise Server.