// For flags

CVE-2013-2687

 

Severity Score

7.8
*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

1
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Stack-based buffer overflow in the bpe_decompress function in (1) BlackBerry QNX Neutrino RTOS through 6.5.0 SP1 and (2) QNX Momentics Tool Suite through 6.5.0 SP1 in the QNX Software Development Platform allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted packets to TCP port 4868.

Desbordamiento de búfer basado en pila en la función bpe_decompress en (1) BlackBerry QNX Neutrino RTOS hasta v6.5.0 SP1 y (2) QNX Momentics Tool Suite hasta v6.5.0 SP1 en QNX Software Development Platform, permite a atacantes remotos provocar una denegación de servicio (caída de la aplicacion) o posiblemente ejecutar código a través de paquetes sobre el puerto TCP 4868 manipulados.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Authentication
None
Confidentiality
None
Integrity
None
Availability
Complete
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2013-03-25 CVE Reserved
  • 2013-07-12 CVE Published
  • 2024-09-17 CVE Updated
  • 2024-09-17 EPSS Updated
  • 2024-09-17 First Exploit
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
CWE
  • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Blackberry
Search vendor "Blackberry"
Qnx Momentics Tool Suite
Search vendor "Blackberry" for product "Qnx Momentics Tool Suite"
<= 6.5.0
Search vendor "Blackberry" for product "Qnx Momentics Tool Suite" and version " <= 6.5.0"
sp1
Affected
Blackberry
Search vendor "Blackberry"
Qnx Momentics Tool Suite
Search vendor "Blackberry" for product "Qnx Momentics Tool Suite"
4.5
Search vendor "Blackberry" for product "Qnx Momentics Tool Suite" and version "4.5"
-
Affected
Blackberry
Search vendor "Blackberry"
Qnx Momentics Tool Suite
Search vendor "Blackberry" for product "Qnx Momentics Tool Suite"
4.6
Search vendor "Blackberry" for product "Qnx Momentics Tool Suite" and version "4.6"
-
Affected
Blackberry
Search vendor "Blackberry"
Qnx Momentics Tool Suite
Search vendor "Blackberry" for product "Qnx Momentics Tool Suite"
4.7
Search vendor "Blackberry" for product "Qnx Momentics Tool Suite" and version "4.7"
-
Affected
Blackberry
Search vendor "Blackberry"
Qnx Momentics Tool Suite
Search vendor "Blackberry" for product "Qnx Momentics Tool Suite"
6.5.0
Search vendor "Blackberry" for product "Qnx Momentics Tool Suite" and version "6.5.0"
-
Affected
Blackberry
Search vendor "Blackberry"
Qnx Software Development Platform
Search vendor "Blackberry" for product "Qnx Software Development Platform"
--
Affected
Blackberry
Search vendor "Blackberry"
Qnx Neutrino Rtos
Search vendor "Blackberry" for product "Qnx Neutrino Rtos"
<= 6.5.0
Search vendor "Blackberry" for product "Qnx Neutrino Rtos" and version " <= 6.5.0"
sp1
Affected
Blackberry
Search vendor "Blackberry"
Qnx Neutrino Rtos
Search vendor "Blackberry" for product "Qnx Neutrino Rtos"
6.4.1
Search vendor "Blackberry" for product "Qnx Neutrino Rtos" and version "6.4.1"
-
Affected
Blackberry
Search vendor "Blackberry"
Qnx Neutrino Rtos
Search vendor "Blackberry" for product "Qnx Neutrino Rtos"
6.5.0
Search vendor "Blackberry" for product "Qnx Neutrino Rtos" and version "6.5.0"
-
Affected