Lucene search

[email protected]NVD:CVE-2013-2687

HistoryJul 12, 2013 - 4:55 p.m.

CVE-2013-2687

2013-07-1216:55:01

CWE-119

[email protected]

web.nvd.nist.gov

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

8.4 High

AI Score

Confidence

High

0.008 Low

EPSS

Percentile

82.0%

JSON

Stack-based buffer overflow in the bpe_decompress function in (1) BlackBerry QNX Neutrino RTOS through 6.5.0 SP1 and (2) QNX Momentics Tool Suite through 6.5.0 SP1 in the QNX Software Development Platform allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted packets to TCP port 4868.

Affected configurations

NVD

Node

blackberryqnx_momentics_tool_suiteRange≤6.5.0sp1

blackberryqnx_momentics_tool_suiteMatch4.5

blackberryqnx_momentics_tool_suiteMatch4.6

blackberryqnx_momentics_tool_suiteMatch4.7

blackberryqnx_momentics_tool_suiteMatch6.5.0

blackberryqnx_software_development_platformMatch-

blackberryqnx_neutrino_rtosRange≤6.5.0sp1

blackberryqnx_neutrino_rtosMatch6.4.1

blackberryqnx_neutrino_rtosMatch6.5.0

References

aluigi.altervista.org/adv/qnxph_1-adv.txt

ics-cert.us-cert.gov/advisories/ICSA-13-189-01

www.qnx.com/download/feature.html?programid=24850

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

8.4 High

AI Score

Confidence

High

0.008 Low

EPSS

Percentile

82.0%

JSON

Related for NVD:CVE-2013-2687

cvelist1 cve1 prion1 ics1