Search

Find a vulnerability

Search criteria

    8 vulnerabilities found for qnx_neutrino_rtos by blackberry

    CVE-2014-2534 (GCVE-0-2014-2534)

    Vulnerability from nvd – Published: 2014-03-18 01:00 – Updated: 2024-08-06 10:14
    VLAI
    Summary
    /sbin/pppoectl in BlackBerry QNX Neutrino RTOS 6.4.x and 6.5.x allows local users to obtain sensitive information by reading "bad parameter" lines in error messages, as demonstrated by reading the root password hash in /etc/shadow.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.exploit-db.com/exploits/32156/ exploitx_refsource_EXPLOIT-DB
    http://seclists.org/fulldisclosure/2014/Mar/124 mailing-listx_refsource_FULLDISC
    http://seclists.org/bugtraq/2014/Mar/66 mailing-listx_refsource_BUGTRAQ
    http://seclists.org/fulldisclosure/2014/Mar/98 mailing-listx_refsource_FULLDISC
    http://seclists.org/bugtraq/2014/Mar/88 mailing-listx_refsource_BUGTRAQ
    Date Public
    2014-03-11 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T10:14:26.718Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "32156",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "http://www.exploit-db.com/exploits/32156/"
              },
              {
                "name": "20140313 Re: Medium severity flaw in BlackBerry QNX Neutrino RTOS",
                "tags": [
                  "mailing-list",
                  "x_refsource_FULLDISC",
                  "x_transferred"
                ],
                "url": "http://seclists.org/fulldisclosure/2014/Mar/124"
              },
              {
                "name": "20140311 Medium severity flaw in BlackBerry QNX Neutrino RTOS",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://seclists.org/bugtraq/2014/Mar/66"
              },
              {
                "name": "20140312 Medium severity flaw in BlackBerry QNX Neutrino RTOS",
                "tags": [
                  "mailing-list",
                  "x_refsource_FULLDISC",
                  "x_transferred"
                ],
                "url": "http://seclists.org/fulldisclosure/2014/Mar/98"
              },
              {
                "name": "20140313 Re: Medium severity flaw in BlackBerry QNX Neutrino RTOS",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://seclists.org/bugtraq/2014/Mar/88"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2014-03-11T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "/sbin/pppoectl in BlackBerry QNX Neutrino RTOS 6.4.x and 6.5.x allows local users to obtain sensitive information by reading \"bad parameter\" lines in error messages, as demonstrated by reading the root password hash in /etc/shadow."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2014-03-28T20:57:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "32156",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "http://www.exploit-db.com/exploits/32156/"
            },
            {
              "name": "20140313 Re: Medium severity flaw in BlackBerry QNX Neutrino RTOS",
              "tags": [
                "mailing-list",
                "x_refsource_FULLDISC"
              ],
              "url": "http://seclists.org/fulldisclosure/2014/Mar/124"
            },
            {
              "name": "20140311 Medium severity flaw in BlackBerry QNX Neutrino RTOS",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://seclists.org/bugtraq/2014/Mar/66"
            },
            {
              "name": "20140312 Medium severity flaw in BlackBerry QNX Neutrino RTOS",
              "tags": [
                "mailing-list",
                "x_refsource_FULLDISC"
              ],
              "url": "http://seclists.org/fulldisclosure/2014/Mar/98"
            },
            {
              "name": "20140313 Re: Medium severity flaw in BlackBerry QNX Neutrino RTOS",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://seclists.org/bugtraq/2014/Mar/88"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2014-2534",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "/sbin/pppoectl in BlackBerry QNX Neutrino RTOS 6.4.x and 6.5.x allows local users to obtain sensitive information by reading \"bad parameter\" lines in error messages, as demonstrated by reading the root password hash in /etc/shadow."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "32156",
                  "refsource": "EXPLOIT-DB",
                  "url": "http://www.exploit-db.com/exploits/32156/"
                },
                {
                  "name": "20140313 Re: Medium severity flaw in BlackBerry QNX Neutrino RTOS",
                  "refsource": "FULLDISC",
                  "url": "http://seclists.org/fulldisclosure/2014/Mar/124"
                },
                {
                  "name": "20140311 Medium severity flaw in BlackBerry QNX Neutrino RTOS",
                  "refsource": "BUGTRAQ",
                  "url": "http://seclists.org/bugtraq/2014/Mar/66"
                },
                {
                  "name": "20140312 Medium severity flaw in BlackBerry QNX Neutrino RTOS",
                  "refsource": "FULLDISC",
                  "url": "http://seclists.org/fulldisclosure/2014/Mar/98"
                },
                {
                  "name": "20140313 Re: Medium severity flaw in BlackBerry QNX Neutrino RTOS",
                  "refsource": "BUGTRAQ",
                  "url": "http://seclists.org/bugtraq/2014/Mar/88"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2014-2534",
        "datePublished": "2014-03-18T01:00:00.000Z",
        "dateReserved": "2014-03-17T00:00:00.000Z",
        "dateUpdated": "2024-08-06T10:14:26.718Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2014-2533 (GCVE-0-2014-2533)

    Vulnerability from nvd – Published: 2014-03-18 01:00 – Updated: 2024-08-06 10:14
    VLAI
    Summary
    /sbin/ifwatchd in BlackBerry QNX Neutrino RTOS 6.4.x and 6.5.x allows local users to gain privileges by providing an arbitrary program name as a command-line argument.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://seclists.org/fulldisclosure/2014/Mar/124 mailing-listx_refsource_FULLDISC
    https://www.exploit-db.com/exploits/45575/ exploitx_refsource_EXPLOIT-DB
    http://seclists.org/bugtraq/2014/Mar/66 mailing-listx_refsource_BUGTRAQ
    http://seclists.org/fulldisclosure/2014/Mar/98 mailing-listx_refsource_FULLDISC
    http://seclists.org/bugtraq/2014/Mar/88 mailing-listx_refsource_BUGTRAQ
    http://www.exploit-db.com/exploits/32153/ exploitx_refsource_EXPLOIT-DB
    Date Public
    2014-03-11 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T10:14:26.825Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20140313 Re: Medium severity flaw in BlackBerry QNX Neutrino RTOS",
                "tags": [
                  "mailing-list",
                  "x_refsource_FULLDISC",
                  "x_transferred"
                ],
                "url": "http://seclists.org/fulldisclosure/2014/Mar/124"
              },
              {
                "name": "45575",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/45575/"
              },
              {
                "name": "20140311 Medium severity flaw in BlackBerry QNX Neutrino RTOS",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://seclists.org/bugtraq/2014/Mar/66"
              },
              {
                "name": "20140312 Medium severity flaw in BlackBerry QNX Neutrino RTOS",
                "tags": [
                  "mailing-list",
                  "x_refsource_FULLDISC",
                  "x_transferred"
                ],
                "url": "http://seclists.org/fulldisclosure/2014/Mar/98"
              },
              {
                "name": "20140313 Re: Medium severity flaw in BlackBerry QNX Neutrino RTOS",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://seclists.org/bugtraq/2014/Mar/88"
              },
              {
                "name": "32153",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "http://www.exploit-db.com/exploits/32153/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2014-03-11T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "/sbin/ifwatchd in BlackBerry QNX Neutrino RTOS 6.4.x and 6.5.x allows local users to gain privileges by providing an arbitrary program name as a command-line argument."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-11T09:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "20140313 Re: Medium severity flaw in BlackBerry QNX Neutrino RTOS",
              "tags": [
                "mailing-list",
                "x_refsource_FULLDISC"
              ],
              "url": "http://seclists.org/fulldisclosure/2014/Mar/124"
            },
            {
              "name": "45575",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/45575/"
            },
            {
              "name": "20140311 Medium severity flaw in BlackBerry QNX Neutrino RTOS",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://seclists.org/bugtraq/2014/Mar/66"
            },
            {
              "name": "20140312 Medium severity flaw in BlackBerry QNX Neutrino RTOS",
              "tags": [
                "mailing-list",
                "x_refsource_FULLDISC"
              ],
              "url": "http://seclists.org/fulldisclosure/2014/Mar/98"
            },
            {
              "name": "20140313 Re: Medium severity flaw in BlackBerry QNX Neutrino RTOS",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://seclists.org/bugtraq/2014/Mar/88"
            },
            {
              "name": "32153",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "http://www.exploit-db.com/exploits/32153/"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2014-2533",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "/sbin/ifwatchd in BlackBerry QNX Neutrino RTOS 6.4.x and 6.5.x allows local users to gain privileges by providing an arbitrary program name as a command-line argument."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20140313 Re: Medium severity flaw in BlackBerry QNX Neutrino RTOS",
                  "refsource": "FULLDISC",
                  "url": "http://seclists.org/fulldisclosure/2014/Mar/124"
                },
                {
                  "name": "45575",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/45575/"
                },
                {
                  "name": "20140311 Medium severity flaw in BlackBerry QNX Neutrino RTOS",
                  "refsource": "BUGTRAQ",
                  "url": "http://seclists.org/bugtraq/2014/Mar/66"
                },
                {
                  "name": "20140312 Medium severity flaw in BlackBerry QNX Neutrino RTOS",
                  "refsource": "FULLDISC",
                  "url": "http://seclists.org/fulldisclosure/2014/Mar/98"
                },
                {
                  "name": "20140313 Re: Medium severity flaw in BlackBerry QNX Neutrino RTOS",
                  "refsource": "BUGTRAQ",
                  "url": "http://seclists.org/bugtraq/2014/Mar/88"
                },
                {
                  "name": "32153",
                  "refsource": "EXPLOIT-DB",
                  "url": "http://www.exploit-db.com/exploits/32153/"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2014-2533",
        "datePublished": "2014-03-18T01:00:00.000Z",
        "dateReserved": "2014-03-17T00:00:00.000Z",
        "dateUpdated": "2024-08-06T10:14:26.825Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2013-2688 (GCVE-0-2013-2688)

    Vulnerability from nvd – Published: 2013-07-12 16:00 – Updated: 2024-09-16 19:05
    VLAI
    Summary
    Buffer overflow in phrelay in BlackBerry QNX Neutrino RTOS through 6.5.0 SP1 in the QNX Software Development Platform allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted packets to TCP port 4868 that leverage improper handling of the /dev/photon device file.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T15:44:33.394Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://aluigi.altervista.org/adv/qnxph_1-adv.txt"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://ics-cert.us-cert.gov/advisories/ICSA-13-189-01"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.qnx.com/download/feature.html?programid=24850"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Buffer overflow in phrelay in BlackBerry QNX Neutrino RTOS through 6.5.0 SP1 in the QNX Software Development Platform allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted packets to TCP port 4868 that leverage improper handling of the /dev/photon device file."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2013-07-12T16:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://aluigi.altervista.org/adv/qnxph_1-adv.txt"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://ics-cert.us-cert.gov/advisories/ICSA-13-189-01"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.qnx.com/download/feature.html?programid=24850"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2013-2688",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Buffer overflow in phrelay in BlackBerry QNX Neutrino RTOS through 6.5.0 SP1 in the QNX Software Development Platform allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted packets to TCP port 4868 that leverage improper handling of the /dev/photon device file."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://aluigi.altervista.org/adv/qnxph_1-adv.txt",
                  "refsource": "MISC",
                  "url": "http://aluigi.altervista.org/adv/qnxph_1-adv.txt"
                },
                {
                  "name": "http://ics-cert.us-cert.gov/advisories/ICSA-13-189-01",
                  "refsource": "MISC",
                  "url": "http://ics-cert.us-cert.gov/advisories/ICSA-13-189-01"
                },
                {
                  "name": "http://www.qnx.com/download/feature.html?programid=24850",
                  "refsource": "CONFIRM",
                  "url": "http://www.qnx.com/download/feature.html?programid=24850"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2013-2688",
        "datePublished": "2013-07-12T16:00:00.000Z",
        "dateReserved": "2013-03-25T00:00:00.000Z",
        "dateUpdated": "2024-09-16T19:05:19.836Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2013-2687 (GCVE-0-2013-2687)

    Vulnerability from nvd – Published: 2013-07-12 16:00 – Updated: 2024-09-17 03:33
    VLAI
    Summary
    Stack-based buffer overflow in the bpe_decompress function in (1) BlackBerry QNX Neutrino RTOS through 6.5.0 SP1 and (2) QNX Momentics Tool Suite through 6.5.0 SP1 in the QNX Software Development Platform allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted packets to TCP port 4868.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T15:44:33.213Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://aluigi.altervista.org/adv/qnxph_1-adv.txt"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://ics-cert.us-cert.gov/advisories/ICSA-13-189-01"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.qnx.com/download/feature.html?programid=24850"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Stack-based buffer overflow in the bpe_decompress function in (1) BlackBerry QNX Neutrino RTOS through 6.5.0 SP1 and (2) QNX Momentics Tool Suite through 6.5.0 SP1 in the QNX Software Development Platform allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted packets to TCP port 4868."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2013-07-12T16:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://aluigi.altervista.org/adv/qnxph_1-adv.txt"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://ics-cert.us-cert.gov/advisories/ICSA-13-189-01"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.qnx.com/download/feature.html?programid=24850"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2013-2687",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Stack-based buffer overflow in the bpe_decompress function in (1) BlackBerry QNX Neutrino RTOS through 6.5.0 SP1 and (2) QNX Momentics Tool Suite through 6.5.0 SP1 in the QNX Software Development Platform allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted packets to TCP port 4868."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://aluigi.altervista.org/adv/qnxph_1-adv.txt",
                  "refsource": "MISC",
                  "url": "http://aluigi.altervista.org/adv/qnxph_1-adv.txt"
                },
                {
                  "name": "http://ics-cert.us-cert.gov/advisories/ICSA-13-189-01",
                  "refsource": "MISC",
                  "url": "http://ics-cert.us-cert.gov/advisories/ICSA-13-189-01"
                },
                {
                  "name": "http://www.qnx.com/download/feature.html?programid=24850",
                  "refsource": "CONFIRM",
                  "url": "http://www.qnx.com/download/feature.html?programid=24850"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2013-2687",
        "datePublished": "2013-07-12T16:00:00.000Z",
        "dateReserved": "2013-03-25T00:00:00.000Z",
        "dateUpdated": "2024-09-17T03:33:05.126Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2014-2533 (GCVE-0-2014-2533)

    Vulnerability from cvelistv5 – Published: 2014-03-18 01:00 – Updated: 2024-08-06 10:14
    VLAI
    Summary
    /sbin/ifwatchd in BlackBerry QNX Neutrino RTOS 6.4.x and 6.5.x allows local users to gain privileges by providing an arbitrary program name as a command-line argument.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://seclists.org/fulldisclosure/2014/Mar/124 mailing-listx_refsource_FULLDISC
    https://www.exploit-db.com/exploits/45575/ exploitx_refsource_EXPLOIT-DB
    http://seclists.org/bugtraq/2014/Mar/66 mailing-listx_refsource_BUGTRAQ
    http://seclists.org/fulldisclosure/2014/Mar/98 mailing-listx_refsource_FULLDISC
    http://seclists.org/bugtraq/2014/Mar/88 mailing-listx_refsource_BUGTRAQ
    http://www.exploit-db.com/exploits/32153/ exploitx_refsource_EXPLOIT-DB
    Date Public
    2014-03-11 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T10:14:26.825Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20140313 Re: Medium severity flaw in BlackBerry QNX Neutrino RTOS",
                "tags": [
                  "mailing-list",
                  "x_refsource_FULLDISC",
                  "x_transferred"
                ],
                "url": "http://seclists.org/fulldisclosure/2014/Mar/124"
              },
              {
                "name": "45575",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/45575/"
              },
              {
                "name": "20140311 Medium severity flaw in BlackBerry QNX Neutrino RTOS",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://seclists.org/bugtraq/2014/Mar/66"
              },
              {
                "name": "20140312 Medium severity flaw in BlackBerry QNX Neutrino RTOS",
                "tags": [
                  "mailing-list",
                  "x_refsource_FULLDISC",
                  "x_transferred"
                ],
                "url": "http://seclists.org/fulldisclosure/2014/Mar/98"
              },
              {
                "name": "20140313 Re: Medium severity flaw in BlackBerry QNX Neutrino RTOS",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://seclists.org/bugtraq/2014/Mar/88"
              },
              {
                "name": "32153",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "http://www.exploit-db.com/exploits/32153/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2014-03-11T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "/sbin/ifwatchd in BlackBerry QNX Neutrino RTOS 6.4.x and 6.5.x allows local users to gain privileges by providing an arbitrary program name as a command-line argument."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-11T09:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "20140313 Re: Medium severity flaw in BlackBerry QNX Neutrino RTOS",
              "tags": [
                "mailing-list",
                "x_refsource_FULLDISC"
              ],
              "url": "http://seclists.org/fulldisclosure/2014/Mar/124"
            },
            {
              "name": "45575",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/45575/"
            },
            {
              "name": "20140311 Medium severity flaw in BlackBerry QNX Neutrino RTOS",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://seclists.org/bugtraq/2014/Mar/66"
            },
            {
              "name": "20140312 Medium severity flaw in BlackBerry QNX Neutrino RTOS",
              "tags": [
                "mailing-list",
                "x_refsource_FULLDISC"
              ],
              "url": "http://seclists.org/fulldisclosure/2014/Mar/98"
            },
            {
              "name": "20140313 Re: Medium severity flaw in BlackBerry QNX Neutrino RTOS",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://seclists.org/bugtraq/2014/Mar/88"
            },
            {
              "name": "32153",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "http://www.exploit-db.com/exploits/32153/"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2014-2533",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "/sbin/ifwatchd in BlackBerry QNX Neutrino RTOS 6.4.x and 6.5.x allows local users to gain privileges by providing an arbitrary program name as a command-line argument."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20140313 Re: Medium severity flaw in BlackBerry QNX Neutrino RTOS",
                  "refsource": "FULLDISC",
                  "url": "http://seclists.org/fulldisclosure/2014/Mar/124"
                },
                {
                  "name": "45575",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/45575/"
                },
                {
                  "name": "20140311 Medium severity flaw in BlackBerry QNX Neutrino RTOS",
                  "refsource": "BUGTRAQ",
                  "url": "http://seclists.org/bugtraq/2014/Mar/66"
                },
                {
                  "name": "20140312 Medium severity flaw in BlackBerry QNX Neutrino RTOS",
                  "refsource": "FULLDISC",
                  "url": "http://seclists.org/fulldisclosure/2014/Mar/98"
                },
                {
                  "name": "20140313 Re: Medium severity flaw in BlackBerry QNX Neutrino RTOS",
                  "refsource": "BUGTRAQ",
                  "url": "http://seclists.org/bugtraq/2014/Mar/88"
                },
                {
                  "name": "32153",
                  "refsource": "EXPLOIT-DB",
                  "url": "http://www.exploit-db.com/exploits/32153/"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2014-2533",
        "datePublished": "2014-03-18T01:00:00.000Z",
        "dateReserved": "2014-03-17T00:00:00.000Z",
        "dateUpdated": "2024-08-06T10:14:26.825Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2014-2534 (GCVE-0-2014-2534)

    Vulnerability from cvelistv5 – Published: 2014-03-18 01:00 – Updated: 2024-08-06 10:14
    VLAI
    Summary
    /sbin/pppoectl in BlackBerry QNX Neutrino RTOS 6.4.x and 6.5.x allows local users to obtain sensitive information by reading "bad parameter" lines in error messages, as demonstrated by reading the root password hash in /etc/shadow.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.exploit-db.com/exploits/32156/ exploitx_refsource_EXPLOIT-DB
    http://seclists.org/fulldisclosure/2014/Mar/124 mailing-listx_refsource_FULLDISC
    http://seclists.org/bugtraq/2014/Mar/66 mailing-listx_refsource_BUGTRAQ
    http://seclists.org/fulldisclosure/2014/Mar/98 mailing-listx_refsource_FULLDISC
    http://seclists.org/bugtraq/2014/Mar/88 mailing-listx_refsource_BUGTRAQ
    Date Public
    2014-03-11 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T10:14:26.718Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "32156",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "http://www.exploit-db.com/exploits/32156/"
              },
              {
                "name": "20140313 Re: Medium severity flaw in BlackBerry QNX Neutrino RTOS",
                "tags": [
                  "mailing-list",
                  "x_refsource_FULLDISC",
                  "x_transferred"
                ],
                "url": "http://seclists.org/fulldisclosure/2014/Mar/124"
              },
              {
                "name": "20140311 Medium severity flaw in BlackBerry QNX Neutrino RTOS",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://seclists.org/bugtraq/2014/Mar/66"
              },
              {
                "name": "20140312 Medium severity flaw in BlackBerry QNX Neutrino RTOS",
                "tags": [
                  "mailing-list",
                  "x_refsource_FULLDISC",
                  "x_transferred"
                ],
                "url": "http://seclists.org/fulldisclosure/2014/Mar/98"
              },
              {
                "name": "20140313 Re: Medium severity flaw in BlackBerry QNX Neutrino RTOS",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://seclists.org/bugtraq/2014/Mar/88"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2014-03-11T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "/sbin/pppoectl in BlackBerry QNX Neutrino RTOS 6.4.x and 6.5.x allows local users to obtain sensitive information by reading \"bad parameter\" lines in error messages, as demonstrated by reading the root password hash in /etc/shadow."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2014-03-28T20:57:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "32156",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "http://www.exploit-db.com/exploits/32156/"
            },
            {
              "name": "20140313 Re: Medium severity flaw in BlackBerry QNX Neutrino RTOS",
              "tags": [
                "mailing-list",
                "x_refsource_FULLDISC"
              ],
              "url": "http://seclists.org/fulldisclosure/2014/Mar/124"
            },
            {
              "name": "20140311 Medium severity flaw in BlackBerry QNX Neutrino RTOS",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://seclists.org/bugtraq/2014/Mar/66"
            },
            {
              "name": "20140312 Medium severity flaw in BlackBerry QNX Neutrino RTOS",
              "tags": [
                "mailing-list",
                "x_refsource_FULLDISC"
              ],
              "url": "http://seclists.org/fulldisclosure/2014/Mar/98"
            },
            {
              "name": "20140313 Re: Medium severity flaw in BlackBerry QNX Neutrino RTOS",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://seclists.org/bugtraq/2014/Mar/88"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2014-2534",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "/sbin/pppoectl in BlackBerry QNX Neutrino RTOS 6.4.x and 6.5.x allows local users to obtain sensitive information by reading \"bad parameter\" lines in error messages, as demonstrated by reading the root password hash in /etc/shadow."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "32156",
                  "refsource": "EXPLOIT-DB",
                  "url": "http://www.exploit-db.com/exploits/32156/"
                },
                {
                  "name": "20140313 Re: Medium severity flaw in BlackBerry QNX Neutrino RTOS",
                  "refsource": "FULLDISC",
                  "url": "http://seclists.org/fulldisclosure/2014/Mar/124"
                },
                {
                  "name": "20140311 Medium severity flaw in BlackBerry QNX Neutrino RTOS",
                  "refsource": "BUGTRAQ",
                  "url": "http://seclists.org/bugtraq/2014/Mar/66"
                },
                {
                  "name": "20140312 Medium severity flaw in BlackBerry QNX Neutrino RTOS",
                  "refsource": "FULLDISC",
                  "url": "http://seclists.org/fulldisclosure/2014/Mar/98"
                },
                {
                  "name": "20140313 Re: Medium severity flaw in BlackBerry QNX Neutrino RTOS",
                  "refsource": "BUGTRAQ",
                  "url": "http://seclists.org/bugtraq/2014/Mar/88"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2014-2534",
        "datePublished": "2014-03-18T01:00:00.000Z",
        "dateReserved": "2014-03-17T00:00:00.000Z",
        "dateUpdated": "2024-08-06T10:14:26.718Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2013-2688 (GCVE-0-2013-2688)

    Vulnerability from cvelistv5 – Published: 2013-07-12 16:00 – Updated: 2024-09-16 19:05
    VLAI
    Summary
    Buffer overflow in phrelay in BlackBerry QNX Neutrino RTOS through 6.5.0 SP1 in the QNX Software Development Platform allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted packets to TCP port 4868 that leverage improper handling of the /dev/photon device file.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T15:44:33.394Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://aluigi.altervista.org/adv/qnxph_1-adv.txt"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://ics-cert.us-cert.gov/advisories/ICSA-13-189-01"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.qnx.com/download/feature.html?programid=24850"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Buffer overflow in phrelay in BlackBerry QNX Neutrino RTOS through 6.5.0 SP1 in the QNX Software Development Platform allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted packets to TCP port 4868 that leverage improper handling of the /dev/photon device file."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2013-07-12T16:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://aluigi.altervista.org/adv/qnxph_1-adv.txt"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://ics-cert.us-cert.gov/advisories/ICSA-13-189-01"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.qnx.com/download/feature.html?programid=24850"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2013-2688",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Buffer overflow in phrelay in BlackBerry QNX Neutrino RTOS through 6.5.0 SP1 in the QNX Software Development Platform allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted packets to TCP port 4868 that leverage improper handling of the /dev/photon device file."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://aluigi.altervista.org/adv/qnxph_1-adv.txt",
                  "refsource": "MISC",
                  "url": "http://aluigi.altervista.org/adv/qnxph_1-adv.txt"
                },
                {
                  "name": "http://ics-cert.us-cert.gov/advisories/ICSA-13-189-01",
                  "refsource": "MISC",
                  "url": "http://ics-cert.us-cert.gov/advisories/ICSA-13-189-01"
                },
                {
                  "name": "http://www.qnx.com/download/feature.html?programid=24850",
                  "refsource": "CONFIRM",
                  "url": "http://www.qnx.com/download/feature.html?programid=24850"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2013-2688",
        "datePublished": "2013-07-12T16:00:00.000Z",
        "dateReserved": "2013-03-25T00:00:00.000Z",
        "dateUpdated": "2024-09-16T19:05:19.836Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2013-2687 (GCVE-0-2013-2687)

    Vulnerability from cvelistv5 – Published: 2013-07-12 16:00 – Updated: 2024-09-17 03:33
    VLAI
    Summary
    Stack-based buffer overflow in the bpe_decompress function in (1) BlackBerry QNX Neutrino RTOS through 6.5.0 SP1 and (2) QNX Momentics Tool Suite through 6.5.0 SP1 in the QNX Software Development Platform allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted packets to TCP port 4868.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T15:44:33.213Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://aluigi.altervista.org/adv/qnxph_1-adv.txt"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://ics-cert.us-cert.gov/advisories/ICSA-13-189-01"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.qnx.com/download/feature.html?programid=24850"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Stack-based buffer overflow in the bpe_decompress function in (1) BlackBerry QNX Neutrino RTOS through 6.5.0 SP1 and (2) QNX Momentics Tool Suite through 6.5.0 SP1 in the QNX Software Development Platform allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted packets to TCP port 4868."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2013-07-12T16:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://aluigi.altervista.org/adv/qnxph_1-adv.txt"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://ics-cert.us-cert.gov/advisories/ICSA-13-189-01"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.qnx.com/download/feature.html?programid=24850"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2013-2687",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Stack-based buffer overflow in the bpe_decompress function in (1) BlackBerry QNX Neutrino RTOS through 6.5.0 SP1 and (2) QNX Momentics Tool Suite through 6.5.0 SP1 in the QNX Software Development Platform allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted packets to TCP port 4868."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://aluigi.altervista.org/adv/qnxph_1-adv.txt",
                  "refsource": "MISC",
                  "url": "http://aluigi.altervista.org/adv/qnxph_1-adv.txt"
                },
                {
                  "name": "http://ics-cert.us-cert.gov/advisories/ICSA-13-189-01",
                  "refsource": "MISC",
                  "url": "http://ics-cert.us-cert.gov/advisories/ICSA-13-189-01"
                },
                {
                  "name": "http://www.qnx.com/download/feature.html?programid=24850",
                  "refsource": "CONFIRM",
                  "url": "http://www.qnx.com/download/feature.html?programid=24850"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2013-2687",
        "datePublished": "2013-07-12T16:00:00.000Z",
        "dateReserved": "2013-03-25T00:00:00.000Z",
        "dateUpdated": "2024-09-17T03:33:05.126Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }