Lucene search

[email protected]CVE-2015-4111

HistoryJul 20, 2015 - 1:59 a.m.

CVE-2015-4111

2015-07-2001:59:11

CWE-20

[email protected]

web.nvd.nist.gov

cve-2015-4111

blackberry link

arbitrary code execution

mp4 file

security vulnerability

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7.8 High

AI Score

Confidence

Low

0.036 Low

EPSS

Percentile

91.7%

JSON

mc_demux_mp4_ds.ax in an unspecified third-party codec demux in BlackBerry Link before 1.2.3.53 with installer before 1.1.0.22 allows remote attackers to execute arbitrary code via a crafted MP4 file.

Affected configurations

NVD

Node

blackberryblackberry_linkRange≤1.2.3.52

CPENameOperatorVersion
blackberry:blackberry_linkblackberry blackberry linkle1.2.3.52

CPE	Name	Operator	Version
blackberry:blackberry_link	blackberry blackberry link	le	1.2.3.52

References

www.blackberry.com/btsc/KB37207

www.securityfocus.com/bid/75950

www.securitytracker.com/id/1032969

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7.8 High

AI Score

Confidence

Low

0.036 Low

EPSS

Percentile

91.7%

JSON

Related for CVE-2015-4111

prion1 cvelist1 nessus1 nvd1