CVE-2002-1239

Опубликовано: 12 нояб. 2002

Источник: nvd

CVSS2: 7.2

EPSS Низкий

Описание

QNX Neutrino RTOS 6.2.0 uses the PATH environment variable to find and execute the cp program while operating at raised privileges, which allows local users to gain privileges by modifying the PATH to point to a malicious cp program.

Ссылки

http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0066.html
http://marc.info/?l=bugtraq&m=103679043232178&w=2
http://www.idefense.com/advisory/11.08.02b.txt
Exploit
Patch
Vendor Advisory
http://www.iss.net/security_center/static/10564.php
Vendor Advisory
http://www.securityfocus.com/bid/6146
http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0066.html
http://marc.info/?l=bugtraq&m=103679043232178&w=2
http://www.idefense.com/advisory/11.08.02b.txt
Exploit
Patch
Vendor Advisory
http://www.iss.net/security_center/static/10564.php
Vendor Advisory
http://www.securityfocus.com/bid/6146

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:qnx:rtos:6.2.0:*:*:*:*:*:*:*

EPSS

Процентиль: 60%

0.00397

Низкий

7.2 High

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-66g3-vg2q-cqjg

github

почти 4 года назад