Buffer Overflow Vulnerability in BlackBerry QNX Software Development Platform
CVE-2017-3893

7.5HIGH

Key Information:

Vendor: Blackberry
Status: Qnx Software Development Platform (qnx Sdp)
Vendor: CVE Published:; 14 November 2017

What is CVE-2017-3893?

The BlackBerry QNX Software Development Platform (SDP) 6.6.0 features a configuration flaw that may allow attackers to exploit buffer overflow vulnerabilities. In certain scenarios, this configuration fails to adequately protect against unauthorized modifications to the Global Offset Table (GOT) or Procedure Linkage Table (PLT), potentially leading to critical security breaches. It is crucial for users of QNX SDP to review their configurations and implement necessary security measures to mitigate the risk of exploitation.

Affected Version(s)

QNX Software Development Platform (QNX SDP) 6.6.0

References

http://support.blackberry.com/kb/articleDetail?articleNum...

x_refsource_CONFIRM

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 14, 2017
Vulnerability Reserved
Dec 21, 2016

Blackberry

What is CVE-2017-3893?

Affected Version(s)

References

CVSS V3.1

Timeline