cbcvebase.
CVE-2013-2687
published 2013-07-12

CVE-2013-2687: Stack-based buffer overflow in the bpe_decompress function in (1) BlackBerry QNX Neutrino RTOS through 6.5.0 SP1 and (2) QNX Momentics Tool Suite through 6.5.0…

PriorityP344high7.8CVSS 2.0
AVNACLAuNCNINAC
EPSS
8.22%
94.2th percentile
Stack-based buffer overflow in the bpe_decompress function in (1) BlackBerry QNX Neutrino RTOS through 6.5.0 SP1 and (2) QNX Momentics Tool Suite through 6.5.0 SP1 in the QNX Software Development Platform allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted packets to TCP port 4868.

Affected

8 ranges
VendorProductVersion rangeFixed in
blackberryqnx_momentics_tool_suite<= 6.5.0
blackberryqnx_momentics_tool_suite
blackberryqnx_momentics_tool_suite
blackberryqnx_momentics_tool_suite
blackberryqnx_momentics_tool_suite
blackberryqnx_neutrino_rtos<= 6.5.0
blackberryqnx_neutrino_rtos
blackberryqnx_neutrino_rtos
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.