Search
Find a vulnerability
Search criteria
2 vulnerabilities found for qnx_momentics_tool_suite by blackberry
CVE-2013-2687 (GCVE-0-2013-2687)
Vulnerability from nvd – Published: 2013-07-12 16:00 – Updated: 2024-09-17 03:33
VLAI
Summary
Stack-based buffer overflow in the bpe_decompress function in (1) BlackBerry QNX Neutrino RTOS through 6.5.0 SP1 and (2) QNX Momentics Tool Suite through 6.5.0 SP1 in the QNX Software Development Platform allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted packets to TCP port 4868.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| http://aluigi.altervista.org/adv/qnxph_1-adv.txt | x_refsource_MISC |
| http://ics-cert.us-cert.gov/advisories/ICSA-13-189-01 | x_refsource_MISC |
| http://www.qnx.com/download/feature.html?programi… | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T15:44:33.213Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://aluigi.altervista.org/adv/qnxph_1-adv.txt"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://ics-cert.us-cert.gov/advisories/ICSA-13-189-01"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.qnx.com/download/feature.html?programid=24850"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in the bpe_decompress function in (1) BlackBerry QNX Neutrino RTOS through 6.5.0 SP1 and (2) QNX Momentics Tool Suite through 6.5.0 SP1 in the QNX Software Development Platform allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted packets to TCP port 4868."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-07-12T16:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://aluigi.altervista.org/adv/qnxph_1-adv.txt"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://ics-cert.us-cert.gov/advisories/ICSA-13-189-01"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.qnx.com/download/feature.html?programid=24850"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-2687",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in the bpe_decompress function in (1) BlackBerry QNX Neutrino RTOS through 6.5.0 SP1 and (2) QNX Momentics Tool Suite through 6.5.0 SP1 in the QNX Software Development Platform allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted packets to TCP port 4868."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://aluigi.altervista.org/adv/qnxph_1-adv.txt",
"refsource": "MISC",
"url": "http://aluigi.altervista.org/adv/qnxph_1-adv.txt"
},
{
"name": "http://ics-cert.us-cert.gov/advisories/ICSA-13-189-01",
"refsource": "MISC",
"url": "http://ics-cert.us-cert.gov/advisories/ICSA-13-189-01"
},
{
"name": "http://www.qnx.com/download/feature.html?programid=24850",
"refsource": "CONFIRM",
"url": "http://www.qnx.com/download/feature.html?programid=24850"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2013-2687",
"datePublished": "2013-07-12T16:00:00.000Z",
"dateReserved": "2013-03-25T00:00:00.000Z",
"dateUpdated": "2024-09-17T03:33:05.126Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-2687 (GCVE-0-2013-2687)
Vulnerability from cvelistv5 – Published: 2013-07-12 16:00 – Updated: 2024-09-17 03:33
VLAI
Summary
Stack-based buffer overflow in the bpe_decompress function in (1) BlackBerry QNX Neutrino RTOS through 6.5.0 SP1 and (2) QNX Momentics Tool Suite through 6.5.0 SP1 in the QNX Software Development Platform allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted packets to TCP port 4868.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| http://aluigi.altervista.org/adv/qnxph_1-adv.txt | x_refsource_MISC |
| http://ics-cert.us-cert.gov/advisories/ICSA-13-189-01 | x_refsource_MISC |
| http://www.qnx.com/download/feature.html?programi… | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T15:44:33.213Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://aluigi.altervista.org/adv/qnxph_1-adv.txt"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://ics-cert.us-cert.gov/advisories/ICSA-13-189-01"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.qnx.com/download/feature.html?programid=24850"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in the bpe_decompress function in (1) BlackBerry QNX Neutrino RTOS through 6.5.0 SP1 and (2) QNX Momentics Tool Suite through 6.5.0 SP1 in the QNX Software Development Platform allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted packets to TCP port 4868."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-07-12T16:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://aluigi.altervista.org/adv/qnxph_1-adv.txt"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://ics-cert.us-cert.gov/advisories/ICSA-13-189-01"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.qnx.com/download/feature.html?programid=24850"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-2687",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in the bpe_decompress function in (1) BlackBerry QNX Neutrino RTOS through 6.5.0 SP1 and (2) QNX Momentics Tool Suite through 6.5.0 SP1 in the QNX Software Development Platform allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted packets to TCP port 4868."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://aluigi.altervista.org/adv/qnxph_1-adv.txt",
"refsource": "MISC",
"url": "http://aluigi.altervista.org/adv/qnxph_1-adv.txt"
},
{
"name": "http://ics-cert.us-cert.gov/advisories/ICSA-13-189-01",
"refsource": "MISC",
"url": "http://ics-cert.us-cert.gov/advisories/ICSA-13-189-01"
},
{
"name": "http://www.qnx.com/download/feature.html?programid=24850",
"refsource": "CONFIRM",
"url": "http://www.qnx.com/download/feature.html?programid=24850"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2013-2687",
"datePublished": "2013-07-12T16:00:00.000Z",
"dateReserved": "2013-03-25T00:00:00.000Z",
"dateUpdated": "2024-09-17T03:33:05.126Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}