Back to search
CVE-2013-3694
Published: Nov 16, 2013
Modified: Sep 17, 2024
PUBLISHED
Description
BlackBerry Link before 1.2.1.31 on Windows and before 1.1.1 build 39 on Mac OS X does not require authentication for remote file-access folders, which allows remote attackers to read or create arbitrary files via IPv6 WebDAV requests, as demonstrated by a CSRF attack involving DNS rebinding.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
http://blog.cmpxchg8b.com/2013/11/qnx.html
x_refsource_MISC
http://www.blackberry.com/btsc/KB35315
x_refsource_CONFIRM
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now