CVE-2013-2687
 
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
1Exploited in Wild
-Decision
Descriptions
Stack-based buffer overflow in the bpe_decompress function in (1) BlackBerry QNX Neutrino RTOS through 6.5.0 SP1 and (2) QNX Momentics Tool Suite through 6.5.0 SP1 in the QNX Software Development Platform allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted packets to TCP port 4868.
Desbordamiento de búfer basado en pila en la función bpe_decompress en (1) BlackBerry QNX Neutrino RTOS hasta v6.5.0 SP1 y (2) QNX Momentics Tool Suite hasta v6.5.0 SP1 en QNX Software Development Platform, permite a atacantes remotos provocar una denegación de servicio (caída de la aplicacion) o posiblemente ejecutar código a través de paquetes sobre el puerto TCP 4868 manipulados.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2013-03-25 CVE Reserved
- 2013-07-12 CVE Published
- 2024-09-17 CVE Updated
- 2024-09-17 EPSS Updated
- 2024-09-17 First Exploit
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CAPEC
References (3)
URL | Tag | Source |
---|
URL | Date | SRC |
---|---|---|
http://aluigi.altervista.org/adv/qnxph_1-adv.txt | 2024-09-17 |
URL | Date | SRC |
---|---|---|
http://ics-cert.us-cert.gov/advisories/ICSA-13-189-01 | 2013-07-15 | |
http://www.qnx.com/download/feature.html?programid=24850 | 2013-07-15 |
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Blackberry Search vendor "Blackberry" | Qnx Momentics Tool Suite Search vendor "Blackberry" for product "Qnx Momentics Tool Suite" | <= 6.5.0 Search vendor "Blackberry" for product "Qnx Momentics Tool Suite" and version " <= 6.5.0" | sp1 |
Affected
| ||||||
Blackberry Search vendor "Blackberry" | Qnx Momentics Tool Suite Search vendor "Blackberry" for product "Qnx Momentics Tool Suite" | 4.5 Search vendor "Blackberry" for product "Qnx Momentics Tool Suite" and version "4.5" | - |
Affected
| ||||||
Blackberry Search vendor "Blackberry" | Qnx Momentics Tool Suite Search vendor "Blackberry" for product "Qnx Momentics Tool Suite" | 4.6 Search vendor "Blackberry" for product "Qnx Momentics Tool Suite" and version "4.6" | - |
Affected
| ||||||
Blackberry Search vendor "Blackberry" | Qnx Momentics Tool Suite Search vendor "Blackberry" for product "Qnx Momentics Tool Suite" | 4.7 Search vendor "Blackberry" for product "Qnx Momentics Tool Suite" and version "4.7" | - |
Affected
| ||||||
Blackberry Search vendor "Blackberry" | Qnx Momentics Tool Suite Search vendor "Blackberry" for product "Qnx Momentics Tool Suite" | 6.5.0 Search vendor "Blackberry" for product "Qnx Momentics Tool Suite" and version "6.5.0" | - |
Affected
| ||||||
Blackberry Search vendor "Blackberry" | Qnx Software Development Platform Search vendor "Blackberry" for product "Qnx Software Development Platform" | - | - |
Affected
| ||||||
Blackberry Search vendor "Blackberry" | Qnx Neutrino Rtos Search vendor "Blackberry" for product "Qnx Neutrino Rtos" | <= 6.5.0 Search vendor "Blackberry" for product "Qnx Neutrino Rtos" and version " <= 6.5.0" | sp1 |
Affected
| ||||||
Blackberry Search vendor "Blackberry" | Qnx Neutrino Rtos Search vendor "Blackberry" for product "Qnx Neutrino Rtos" | 6.4.1 Search vendor "Blackberry" for product "Qnx Neutrino Rtos" and version "6.4.1" | - |
Affected
| ||||||
Blackberry Search vendor "Blackberry" | Qnx Neutrino Rtos Search vendor "Blackberry" for product "Qnx Neutrino Rtos" | 6.5.0 Search vendor "Blackberry" for product "Qnx Neutrino Rtos" and version "6.5.0" | - |
Affected
|