Vulnerabilities > Blackberry
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2013-07-13 | CVE-2013-3692 | Permissions, Privileges, and Access Controls vulnerability in Blackberry OS and Z10 BlackBerry 10 OS before 10.0.10.648 on BlackBerry Z10 smartphones uses weak permissions for a BlackBerry Protect object, which allows physically proximate attackers to bypass intended access restrictions by leveraging a user's BlackBerry Protect password-reset request and a user's installation of a crafted application. | 6.2 |
| 2013-07-12 | CVE-2013-2688 | Buffer Errors vulnerability in Blackberry products Buffer overflow in phrelay in BlackBerry QNX Neutrino RTOS through 6.5.0 SP1 in the QNX Software Development Platform allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted packets to TCP port 4868 that leverage improper handling of the /dev/photon device file. | 5.4 |
| 2013-07-12 | CVE-2013-2687 | Buffer Errors vulnerability in Blackberry products Stack-based buffer overflow in the bpe_decompress function in (1) BlackBerry QNX Neutrino RTOS through 6.5.0 SP1 and (2) QNX Momentics Tool Suite through 6.5.0 SP1 in the QNX Software Development Platform allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted packets to TCP port 4868. | 7.8 |
| 2011-12-08 | CVE-2011-0291 | Information Exposure vulnerability in Blackberry Tablet OS 1.0.8.4985 The BlackBerry PlayBook service on the Research In Motion (RIM) BlackBerry PlayBook tablet with software before 1.0.8.6067 allows local users to gain privileges via a crafted configuration file in a backup archive. | 7.2 |
| 2008-07-21 | CVE-2008-3246 | Code Injection vulnerability in multiple products Unspecified vulnerability in the PDF distiller component in the BlackBerry Attachment Service in BlackBerry Unite! 1.0 SP1 (1.0.1) before bundle 36 and BlackBerry Enterprise Server 4.1 SP3 (4.1.3) through 4.1 SP5 (4.1.5) allows user-assisted remote attackers to execute arbitrary code via a crafted PDF file attachment. | 9.3 |
| 2008-07-07 | CVE-2008-3024 | Out-Of-Bounds Write vulnerability in Blackberry QNX Momentics 6.2.0/6.3.0/6.3.2 Stack-based buffer overflow in phgrafx in QNX Momentics (aka RTOS) 6.3.2 and earlier allows local users to gain privileges via a long .pal filename in palette/. | 9.3 |
| 2002-08-12 | CVE-2002-0793 | Link Following vulnerability in Blackberry QNX Neutrino Real-Time Operating System 4.25 Hard link and possibly symbolic link following vulnerabilities in QNX RTOS 4.25 (aka QNX4) allow local users to overwrite arbitrary files via (1) the -f argument to the monitor utility, (2) the -d argument to dumper, (3) the -c argument to crttrap, or (4) using the Watcom sample utility. | 5.5 |