7.5
CVE-2024-48857
- EPSS 0.57%
- Veröffentlicht 14.01.2025 19:15:31
- Zuletzt bearbeitet 21.01.2025 18:06:46
- Quelle secure@blackberry.com
- CVE-Watchlists
- Unerledigt
LoginVulnerabilities in TIFF and PCX Image Codecs Impact QNX Software Development Platform
NULL pointer dereference in the PCX image codec in QNX SDP versions 8.0, 7.1 and 7.0 could allow an unauthenticated attacker to cause a denial-of-service condition in the context of the process using the image codec.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Blackberry ≫ Qnx Software Development Platform Version7.0
Blackberry ≫ Qnx Software Development Platform Version7.1
Blackberry ≫ Qnx Software Development Platform Version8.0
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.57% | 0.681 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
|
| secure@blackberry.com | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
|
CWE-476 NULL Pointer Dereference
The product dereferences a pointer that it expects to be valid but is NULL.