The high severity advisory involves the way the phone views Tagged Image File Format (TIFF) files, specifically the way the phone’s Mobile Data System Connection Service and Messaging Agent processes and renders the images.
An attacker could rig a TIFF image with malware and get a user to either view the image via a specially crafted website or send it to the user via email or instant message. The last two exploit vectors could make it so the user wouldn’t have to click the link or image, or view the email or instant message, for the attack to prove successful. Once executed, an attacker could access and execute code on Blackberry’s Enterprise Server
Link to Original Source