CVE-2017-9369
Summary
| CVE | CVE-2017-9369 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2017-11-14 21:29:00 UTC |
| Updated | 2017-11-30 18:52:00 UTC |
| Description | In BlackBerry QNX Software Development Platform (SDP) 6.6.0 and 6.5.0 SP1 and earlier, an information disclosure vulnerability in the default configuration of the QNX SDP could allow an attacker to gain information relating to memory layout of higher privileged processes by manipulating environment variables that influence the loader. |
Risk And Classification
Problem Types: CWE-200
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Blackberry | Qnx Software Development Platform | 6.5.0 | All | All | All |
| Application | Blackberry | Qnx Software Development Platform | 6.5.0 | sp1 | All | All |
| Application | Blackberry | Qnx Software Development Platform | 6.6.0 | All | All | All |
| Application | Blackberry | Qnx Software Development Platform | 6.5.0 | All | All | All |
| Application | Blackberry | Qnx Software Development Platform | 6.5.0 | sp1 | All | All |
| Application | Blackberry | Qnx Software Development Platform | 6.6.0 | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| QNX-2017-001 Multiple vulnerabilities impact BlackBerry QNX Software Development Platform | CONFIRM | support.blackberry.com | Mitigation, Vendor Advisory |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.