RETIRED: QNX Phindows Stack-Based Buffer Overflow Vulnerability
BID:53485
Info
RETIRED: QNX Phindows Stack-Based Buffer Overflow Vulnerability
| Bugtraq ID: | 53485 |
| Class: | Boundary Condition Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | May 11 2012 12:00AM |
| Updated: | Aug 26 2013 12:20AM |
| Credit: | Luigi Auriemma |
| Vulnerable: |
QNX Phindows 3.0.44 |
| Not Vulnerable: | |
Discussion
RETIRED: QNX Phindows Stack-Based Buffer Overflow Vulnerability
QNX Phindows is prone to a stack-based buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied data.
An attacker can exploit this issue to execute arbitrary code in the context of the affected application. Failed attacks will likely cause denial-of-service conditions.
QNX Phindows 3.0.44 is vulnerable; Other versions may also be affected.
This BID is being retired. The following individual records exist to better document the issues:
61022 Multiple QNX Products CVE-2013-2687 Stack Buffer Overflow Vulnerability
61023 Multiple QNX Products CVE-2013-2688 Buffer Overflow Vulnerability
QNX Phindows is prone to a stack-based buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied data.
An attacker can exploit this issue to execute arbitrary code in the context of the affected application. Failed attacks will likely cause denial-of-service conditions.
QNX Phindows 3.0.44 is vulnerable; Other versions may also be affected.
This BID is being retired. The following individual records exist to better document the issues:
61022 Multiple QNX Products CVE-2013-2687 Stack Buffer Overflow Vulnerability
61023 Multiple QNX Products CVE-2013-2688 Buffer Overflow Vulnerability
Exploit / POC
RETIRED: QNX Phindows Stack-Based Buffer Overflow Vulnerability
Reports indicate that proof-of-concept code is available. Please see the references for more information.
Reports indicate that proof-of-concept code is available. Please see the references for more information.
Solution / Fix
RETIRED: QNX Phindows Stack-Based Buffer Overflow Vulnerability
Solution:
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution:
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
References
RETIRED: QNX Phindows Stack-Based Buffer Overflow Vulnerability
References:
References:
- Phindows Homepage (QNX)
- QNX Homepage (QNX)
- QNX phrelay/phindows/phditto vulnerabilities (Luigi Auriemma)