CyberSec.Space Logo
Back to CVE Browser

CVE-2013-2687

HIGH
7.8
CVSS Severity Score
EPSS Score0.0310%
EPSS Percentile11.28th
PublishedJul 12, 2013
Last ModifiedApr 29, 2026

Vulnerability Description

Stack-based buffer overflow in the bpe_decompress function in (1) BlackBerry QNX Neutrino RTOS through 6.5.0 SP1 and (2) QNX Momentics Tool Suite through 6.5.0 SP1 in the QNX Software Development Platform allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted packets to TCP port 4868.

Affected Platforms (CPE)

πŸ“¦
Blackberry

Qnx Momentics Tool Suite

<= 6.5.0
πŸ“¦
Blackberry

Qnx Momentics Tool Suite

= 4.5
πŸ“¦
Blackberry

Qnx Momentics Tool Suite

= 4.6
πŸ“¦
Blackberry

Qnx Momentics Tool Suite

= 4.7
πŸ“¦
Blackberry

Qnx Momentics Tool Suite

= 6.5.0
πŸ“¦
Blackberry

Qnx Software Development Platform

All versions
πŸ’»
Blackberry

Qnx Neutrino Rtos

<= 6.5.0
πŸ’»
Blackberry

Qnx Neutrino Rtos

= 6.4.1
πŸ’»
Blackberry

Qnx Neutrino Rtos

= 6.5.0

References & Advisories

πŸ”— http://aluigi.altervista.org/adv/qnxph_1-adv.txt
πŸ”— http://ics-cert.us-cert.gov/advisories/ICSA-13-189-01
πŸ”— http://www.qnx.com/download/feature.html?programid=24850
πŸ”— http://aluigi.altervista.org/adv/qnxph_1-adv.txt
πŸ”— http://ics-cert.us-cert.gov/advisories/ICSA-13-189-01
πŸ”— http://www.qnx.com/download/feature.html?programid=24850

Related Vulnerabilities

CVE-2013-272810.0

Adobe Flash Player before 10.3.183.86 and 11.x before 11.7.700.202 on Windows and Mac OS X, before 10.3.183.86 and 11.x before 11....

CVE-2013-273010.0

Buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allows attackers to exec...

CVE-2013-243110.0

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, and OpenJDK 6...

CVE-2013-273210.0

Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allow attackers to execute arbitrary code o...