What is CVE-2017-3893?

CVE-2017-3893 is a low-severity vulnerability in Blackberry Qnx_software_development_platform, classified under Protection Mechanism Failure. CVSS score: 1.9/10. Published 2017-11-14.

How severe is CVE-2017-3893?

Low severity. CVSS v3 base score is 1.9 out of 10.

Buffer overflow in Blackberry Qnx_software_development_platform

CVE-2017-3893

In BlackBerry QNX Software Development Platform (SDP) 6.6.0, the default configuration of the QNX SDP system did not in all circumstances prevent attackers from modifying the GOT or PLT tables with buffer overflow attacks.

EPSS: 0.002 (42.7th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 1.9 (Low). Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:N.

Affected products

Blackberry Qnx_software_development_platform — versions 6.6.0
Blackberry Qnx Software Development Platform (Qnx Sdp) — versions 6.6.0

Weakness classification (CWE)

References

secure@blackberry.com (x_refsource_CONFIRM, Vendor Advisory)

Frequently asked questions

What is CVE-2017-3893?: CVE-2017-3893 is a low-severity vulnerability in Blackberry Qnx_software_development_platform, classified under Protection Mechanism Failure. CVSS score: 1.9/10. Published 2017-11-14.
How severe is CVE-2017-3893?: Low severity. CVSS v3 base score is 1.9 out of 10.