Remote Code Execution Vulnerability in BlackBerry Link Software
CVE-2015-4111

Currently unrated

Key Information:

Vendor: Blackberry
Status: Blackberry Link
Vendor: CVE Published:; 20 July 2015

What is CVE-2015-4111?

A vulnerability exists in the mc_demux_mp4_ds.ax component of BlackBerry Link, allowing remote attackers to execute arbitrary code. By crafting a malicious MP4 file, attackers can exploit this weakness in versions prior to 1.2.3.53, putting user systems at risk. It is critical for users to update their software to the latest versions to mitigate potential threats.

References

http://www.blackberry.com/btsc/KB37207

x_refsource_CONFIRM

http://www.securitytracker.com/id/1032969

vdb-entryx_refsource_SECTRACK

http://www.securityfocus.com/bid/75950

vdb-entryx_refsource_BID

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 20, 2015
Vulnerability Reserved
May 28, 2015

Blackberry

What is CVE-2015-4111?

References

Timeline