📦

blackberry_link

Vendor: blackberry

Actively Exploited 0 CISA KEV List

PoC / Exploits 0 Code Available

Total RCEs 1 Remote Access

Total CVEs 7 Total Indexed

Avg. EPSS 0.63% Exploit Prob.

Latest CVE CVE-2015-4111 Jul 20

Security Vulnerability Index

Page 1 / 1

6.8 CVSS

CVE-2015-4111

RCE

mc_demux_mp4_ds.ax in an unspecified third-party codec demux in BlackBerry Link before 1.2.3.53 with installer before 1.1.0.22 allows remote attackers to execute arbitrary code via a crafted MP4 file.

EPSS: 1.26%

Severity: MEDIUM

Jul 20, 2015

6.8 CVSS

CVE-2013-3694

BlackBerry Link before 1.2.1.31 on Windows and before 1.1.1 build 39 on Mac OS X does not require authentication for remote file-access folders, which allows remote attackers to read or create arbitrary files via IPv6 WebDAV requests, as demonstrated by a CSRF attack involving DNS rebinding.

EPSS: 0.13%

Severity: MEDIUM

Nov 18, 2013

5.8 CVSS

CVE-2013-6798

BlackBerry Link before 1.2.1.31 on Windows and before 1.1.1 build 39 on Mac OS X does not properly determine the user account for execution of Peer Manager in certain situations involving successive logins with different accounts, which allows context-dependent attackers to bypass intended restrictions on remote file-access folders via IPv6 WebDAV requests, a different vulnerability than CVE-2013-3694.

EPSS: 0.49%

Severity: MEDIUM

Nov 18, 2013

Displaying 3 of 7 Total Entries

Total 1 Sections