CVE-2015-4111
BlackBerry Link < 1.2.3.52 - Remote Code Execution via Crafted MP4 File
Title source: llmDescription
mc_demux_mp4_ds.ax in an unspecified third-party codec demux in BlackBerry Link before 1.2.3.53 with installer before 1.1.0.22 allows remote attackers to execute arbitrary code via a crafted MP4 file.
References (3)
Core 3
Core References
Vendor Advisory x_refsource_confirm
http://www.blackberry.com/btsc/KB37207
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id/1032969
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/75950
Scores
EPSS
0.0406
EPSS Percentile
89.5%
Details
CWE
CWE-20
Status
published
Products (1)
blackberry/blackberry_link
< 1.2.3.52
Published
Jul 20, 2015
Tracked Since
Feb 18, 2026