CVE-2013-2687: Buffer Overflow
First published: Fri Jul 12 2013(Updated: )
Stack-based buffer overflow in the bpe_decompress function in (1) BlackBerry QNX Neutrino RTOS through 6.5.0 SP1 and (2) QNX Momentics Tool Suite through 6.5.0 SP1 in the QNX Software Development Platform allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted packets to TCP port 4868.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Blackberry Qnx Momentics Tool Suite | <=6.5.0 | |
| Blackberry Qnx Momentics Tool Suite | =4.5 | |
| Blackberry Qnx Momentics Tool Suite | =4.6 | |
| Blackberry Qnx Momentics Tool Suite | =4.7 | |
| Blackberry Qnx Momentics Tool Suite | =6.5.0 | |
| BlackBerry QNX Software Development Platform | ||
| BlackBerry QNX Neutrino RTOS | <=6.5.0 | |
| BlackBerry QNX Neutrino RTOS | =6.4.1 | |
| BlackBerry QNX Neutrino RTOS | =6.5.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- collector/nvd-index
- agent/weakness
- agent/references
- agent/type
- agent/tags
- agent/event
- agent/author
- agent/remedy
- agent/last-modified-date
- agent/softwarecombine
- agent/description
- agent/first-publish-date
- agent/severity
- collector/mitre-cve
- source/MITRE
- vendor/blackberry
- canonical/blackberry qnx momentics tool suite
- version/blackberry qnx momentics tool suite/6.5.0
- version/blackberry qnx momentics tool suite/4.5
- version/blackberry qnx momentics tool suite/4.6
- version/blackberry qnx momentics tool suite/4.7
- canonical/blackberry qnx software development platform
- canonical/blackberry qnx neutrino rtos
- version/blackberry qnx neutrino rtos/6.5.0
- version/blackberry qnx neutrino rtos/6.4.1