From the “I hate it when that happens” department: there’s a vuln in the BlackBerry software (at least in the 7230 model) that can be used to cause the device to reboot on demand. The problem is triggered by >128Kb of text in the “Location” field of a meeting request. As RIM points out, Outlook limits that field to 255 characters, so you’d have to hand-craft attack messages. However, these messages don’t do permanent damage; they just cause annoying reboots.
RIM confirms that they’ve already fixed this for version 3.8 of the handheld software, and that they will be adding a filter on their server-side software versions to keep these messages from getting to the device in the first place. It does raise the interesting question of what other vulns might exist in the RIM devices (as well as those from Good, Palm, and Microsoft).