Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-2389

Overview

Vulnerability Score 9.3 9.3
CVE Id CVE-2014-2389
Last Modified 14 Apr 2014 02:24:56
Published 12 Apr 2014 12:37:31
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2014-2389

Summary

Stack-based buffer overflow in a certain decryption function in qconnDoor on Blackberry Z10 devices with software 10.1.0.2312, when developer-mode has been previously enabled, allows remote attackers to execute arbitrary code via a crafted packet in a TCP session on a wireless network.

Vulnerable Systems

Operating System

  • Blackberry Os 10.1.0.2312


References

BUGTRAQ - 20140408 BlackBerry Z 10 - Buffer Overflow in qconnDoor [MZ-13-05]


Last Updated: 27 May 2016 11:04:56