CVSS: 7.8EPSS: 3%CPEs: 9EXPL: 1CVE-2013-2687
https://notcve.org/view.php?id=CVE-2013-2687
Stack-based buffer overflow in the bpe_decompress function in (1) BlackBerry QNX Neutrino RTOS through 6.5.0 SP1 and (2) QNX Momentics Tool Suite through 6.5.0 SP1 in the QNX Software Development Platform allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted packets to TCP port 4868. Desbordamiento de búfer basado en pila en la función bpe_decompress en (1) BlackBerry QNX Neutrino RTOS hasta v6.5.0 SP1 y (2) QNX Momentics Tool Suite hasta v6.5.0 SP1 en QNX Software Development Platform, permite a atacantes remotos provocar una denegación de servicio (caída de la aplicacion) o posiblemente ejecutar código a través de paquetes sobre el puerto TCP 4868 manipulados. • http://aluigi.altervista.org/adv/qnxph_1-adv.txt http://ics-cert.us-cert.gov/advisories/ICSA-13-189-01 http://www.qnx.com/download/feature.html?programid=24850 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •