Vulnerabilities > Blackberry > QNX Neutrino Rtos > 6.5.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2014-03-18 | CVE-2014-2534 | Permissions, Privileges, and Access Controls vulnerability in Blackberry QNX Neutrino Rtos 6.4.1/6.5.0 /sbin/pppoectl in BlackBerry QNX Neutrino RTOS 6.4.x and 6.5.x allows local users to obtain sensitive information by reading "bad parameter" lines in error messages, as demonstrated by reading the root password hash in /etc/shadow. | 4.9 |
| 2014-03-18 | CVE-2014-2533 | Permissions, Privileges, and Access Controls vulnerability in Blackberry QNX Neutrino Rtos 6.4.1/6.5.0 /sbin/ifwatchd in BlackBerry QNX Neutrino RTOS 6.4.x and 6.5.x allows local users to gain privileges by providing an arbitrary program name as a command-line argument. | 7.2 |
| 2013-07-12 | CVE-2013-2688 | Buffer Errors vulnerability in Blackberry products Buffer overflow in phrelay in BlackBerry QNX Neutrino RTOS through 6.5.0 SP1 in the QNX Software Development Platform allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted packets to TCP port 4868 that leverage improper handling of the /dev/photon device file. | 5.4 |
| 2013-07-12 | CVE-2013-2687 | Buffer Errors vulnerability in Blackberry products Stack-based buffer overflow in the bpe_decompress function in (1) BlackBerry QNX Neutrino RTOS through 6.5.0 SP1 and (2) QNX Momentics Tool Suite through 6.5.0 SP1 in the QNX Software Development Platform allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted packets to TCP port 4868. | 7.8 |