Untrusted search path vulnerability in Qualcomm qpopper 4.0 through 4.05 allows local users to execute arbitrary code by modifying the PATH environment variable to reference a malicious smbpasswd program.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Qpopper | Qualcomm | 4.0 | 4.0 |
Qpopper | Qualcomm | 4.0.1 | 4.0.1 |
Qpopper | Qualcomm | 4.0.2 | 4.0.2 |
Qpopper | Qualcomm | 4.0.3 | 4.0.3 |
Qpopper | Qualcomm | 4.0.4 | 4.0.4 |
Qpopper | Qualcomm | 4.0.5 | 4.0.5 |
Qpopper | Qualcomm | 4.0.5_fc2 | 4.0.5_fc2 |
Qpopper | Qualcomm | 4.0_b14 | 4.0_b14 |