CVE-2024-48854

Medium CVSS: 5.3

Off-by-one error in the TIFF image codec in QNX SDP versions 8.0, 7.1 and 7.0 could allow an unauthenticated attacker to cause an information disclosure in the context of the process using the image codec.

Vendor

Blackberry

Product

Qnx Software Development Platform

CWE

CWE-193

Yayın Tarihi

2025-01-14 19:15:31

Güncelleme

2025-01-21 18:07:08

Source Identifier

secure@blackberry.com

KEV Date Added

Kategoriler

CWE-193 Qnx Software Development Platform MEDIUM Blackberry 2025

Referanslar

https://support.blackberry.com/pkb/s/article/140334

Benzer Kayıtlar

Medium

CVE-2025-12766

An Insecure Direct Object Reference (IDOR) vulnerability in the Management Console of BlackBerry® AtHoc® (OnPrem) versio…

Critical

CVE-2025-2474

Out-of-bounds write in the PCX image codec in QNX SDP versions 8.0, 7.1 and 7.0 could allow an unauthenticated attacker…

High

CVE-2024-48858

Improper input validation in the PCX image codec in QNX SDP versions 8.0, 7.1 and 7.0 could allow an unauthenticated att…

Medium

CVE-2024-48855

Out-of-bounds read in the TIFF image codec in QNX SDP versions 8.0, 7.1 and 7.0 could allow an unauthenticated attacker…

Critical

CVE-2024-48856

Out-of-bounds write in the PCX image codec in QNX SDP versions 8.0, 7.1 and 7.0 could allow an unauthenticated attacker…

High

CVE-2024-48857

NULL pointer dereference in the PCX image codec in QNX SDP versions 8.0, 7.1 and 7.0 could allow an unauthenticated atta…