Untrusted search path vulnerability in Qualcomm qpopper 4.0 through 4.05 allows local users to execute arbitrary code by modifying the PATH environment variable to reference a malicious smbpasswd program.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Qpopper | Qualcomm | 4.0 (including) | 4.0 (including) |
Qpopper | Qualcomm | 4.0.1 (including) | 4.0.1 (including) |
Qpopper | Qualcomm | 4.0.2 (including) | 4.0.2 (including) |
Qpopper | Qualcomm | 4.0.3 (including) | 4.0.3 (including) |
Qpopper | Qualcomm | 4.0.4 (including) | 4.0.4 (including) |
Qpopper | Qualcomm | 4.0.5 (including) | 4.0.5 (including) |
Qpopper | Qualcomm | 4.0.5_fc2 (including) | 4.0.5_fc2 (including) |
Qpopper | Qualcomm | 4.0_b14 (including) | 4.0_b14 (including) |