CVE Vulnerabilities

CVE-2002-1239

Published: Nov 12, 2002 | Modified: Nov 20, 2024
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.2 HIGH
AV:L/AC:L/Au:N/C:C/I:C/A:C
RedHat/V2
RedHat/V3
Ubuntu

QNX Neutrino RTOS 6.2.0 uses the PATH environment variable to find and execute the cp program while operating at raised privileges, which allows local users to gain privileges by modifying the PATH to point to a malicious cp program.

Affected Software

Name Vendor Start Version End Version
Rtos Qnx 6.2.0 (including) 6.2.0 (including)

References