CVE-2015-4111

EUVD-2015-4136
mc_demux_mp4_ds.ax in an unspecified third-party codec demux in BlackBerry Link before 1.2.3.53 with installer before 1.1.0.22 allows remote attackers to execute arbitrary code via a crafted MP4 file.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
6.8 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: 76%
Affected Products (NVD)
VendorProductVersion
blackberryblackberry_link
𝑥
≤ 1.2.3.52
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.blackberry.com/btsc/KB37207
http://www.securityfocus.com/bid/75950
http://www.securitytracker.com/id/1032969
http://www.blackberry.com/btsc/KB37207
http://www.securityfocus.com/bid/75950
http://www.securitytracker.com/id/1032969