CVE-2014-1468

critical

Description

A stack-based buffer overflow vulnerability exists in the qconnDoor service supplied with affected versions of BlackBerry 10 OS. The qconnDoor service is used by BlackBerry 10 OS to provide developer access, such as shell and remote debugging capabilities, to the smartphone. Successful exploitation of this vulnerability could potentially result in an attacker terminating the qconnDoor service running on a user's BlackBerry smartphone. In addition, the attacker could potentially execute code on the userâ€™s BlackBerry smartphone with the privileges of the root user (superuser).

Details

Source: Mitre, NVD

Published: 2014-04-10

Risk Information

CVSS v2

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Severity: Critical

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H