BlackBerry Link < Codec Demux Arbitrary Code Execution

High Nessus Plugin ID 84987


The remote host has software installed that is affected by an arbitrary code execution vulnerability.


The remote host has a version of BlackBerry Link installed that is prior to version Therefore, it is affected by an arbitrary code execution vulnerability in the codec demux. A remote attacker can exploit this, via crafted MP4 file, to execute arbitrary code.


Upgrade to BlackBerry Link

See Also

Plugin Details

Severity: High

ID: 84987

File Name: blackberry_link_1_2_3_53.nasl

Version: $Revision: 1.2 $

Type: local

Agent: windows

Family: Windows

Published: 2015/07/24

Modified: 2015/07/27

Dependencies: 71038

Risk Information

Risk Factor: High


Base Score: 9.3

Temporal Score: 6.9

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/a:blackberry:blackberry_link

Required KB Items: SMB/blackberry_link/Installed

Exploit Available: false

Exploit Ease: No known exploits are available

Patch Publication Date: 2015/07/14

Vulnerability Publication Date: 2015/07/14

Reference Information

CVE: CVE-2015-4111

BID: 75950

OSVDB: 124762