CVSS: 6.2EPSS: 0%CPEs: 5EXPL: 0CVE-2013-3692
https://notcve.org/view.php?id=CVE-2013-3692
BlackBerry 10 OS before 10.0.10.648 on BlackBerry Z10 smartphones uses weak permissions for a BlackBerry Protect object, which allows physically proximate attackers to bypass intended access restrictions by leveraging a user's BlackBerry Protect password-reset request and a user's installation of a crafted application. BlackBerry 10 OS anteriores a v10.0.10.648 en smartphones BlackBerry Z10 usa permisos débiles para los objetos BlackBerry Protect, lo que permite a atacantes locales cercanos evitar las restricciones de acceso, aprovechando la petición de reseteo de contraseña en BlackBerry Protect y la instalación de una aplicación amnipulada. • http://www.blackberry.com/btsc/KB34458 https://exchange.xforce.ibmcloud.com/vulnerabilities/85878 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 5.4EPSS: 3%CPEs: 4EXPL: 1CVE-2013-2688
https://notcve.org/view.php?id=CVE-2013-2688
Buffer overflow in phrelay in BlackBerry QNX Neutrino RTOS through 6.5.0 SP1 in the QNX Software Development Platform allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted packets to TCP port 4868 that leverage improper handling of the /dev/photon device file. Desbordamiento de búfer en BlackBerry QNX Neutrino RTOS hasta v6.5.0 SP1 en QNX Software Development Platform, permite a atacantes remotos provocar una denegación de servicio (caída de la aplicación) o ejecutar código mediante una serie de paquetes manipulados sobre el puerto TCP 4868, que provoca una gestión inadecuada del fichero /dev/photon • http://aluigi.altervista.org/adv/qnxph_1-adv.txt http://ics-cert.us-cert.gov/advisories/ICSA-13-189-01 http://www.qnx.com/download/feature.html?programid=24850 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 3%CPEs: 9EXPL: 1CVE-2013-2687
https://notcve.org/view.php?id=CVE-2013-2687
Stack-based buffer overflow in the bpe_decompress function in (1) BlackBerry QNX Neutrino RTOS through 6.5.0 SP1 and (2) QNX Momentics Tool Suite through 6.5.0 SP1 in the QNX Software Development Platform allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted packets to TCP port 4868. Desbordamiento de búfer basado en pila en la función bpe_decompress en (1) BlackBerry QNX Neutrino RTOS hasta v6.5.0 SP1 y (2) QNX Momentics Tool Suite hasta v6.5.0 SP1 en QNX Software Development Platform, permite a atacantes remotos provocar una denegación de servicio (caída de la aplicacion) o posiblemente ejecutar código a través de paquetes sobre el puerto TCP 4868 manipulados. • http://aluigi.altervista.org/adv/qnxph_1-adv.txt http://ics-cert.us-cert.gov/advisories/ICSA-13-189-01 http://www.qnx.com/download/feature.html?programid=24850 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2012-5828
https://notcve.org/view.php?id=CVE-2012-5828
BlackBerry PlayBook before 2.1 has an Information Disclosure Vulnerability via a Web browser component error BlackBerry PlayBook versiones anteriores a 2.1, presenta una vulnerabilidad de divulgación de información por medio de un error del componente navegador Web. • http://www.securityfocus.com/bid/56793 https://exchange.xforce.ibmcloud.com/vulnerabilities/80555 https://packetstormsecurity.com/files/cve/CVE-2012-5828 https://www.securityfocus.com/archive/1/524893/30/9240/flat • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0CVE-2011-0291
https://notcve.org/view.php?id=CVE-2011-0291
The BlackBerry PlayBook service on the Research In Motion (RIM) BlackBerry PlayBook tablet with software before 1.0.8.6067 allows local users to gain privileges via a crafted configuration file in a backup archive. El servicio BlackBerry PlayBook en la tableta Research In Motion (RIM) BlackBerry PlayBook con software anterior a v1.0.8.6067, permite a a usuarios locales ganar privilegios a través de un archivo de configuración modificado en un archivo de copia de seguridad. • http://blackberry.com/btsc/KB29191 http://secunia.com/advisories/47132 http://securitytracker.com/id?1026386 http://www.securityfocus.com/bid/50931 https://exchange.xforce.ibmcloud.com/vulnerabilities/71659 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •