CVE-2008-3024

Опубликовано: 07 июл. 2008

Источник: nvd

CVSS2: 9.3

EPSS Низкий

Описание

Stack-based buffer overflow in phgrafx in QNX Momentics (aka RTOS) 6.3.2 and earlier allows local users to gain privileges via a long .pal filename in palette/.

Ссылки

http://secunia.com/advisories/30808
Third Party Advisory
http://securityreason.com/securityalert/3974
Exploit
Third Party Advisory
http://www.scanit.net/rd/advisories/adv01
Broken Link
http://www.securityfocus.com/archive/1/493816/100/0/threaded
Exploit
Third Party Advisory
VDB Entry
http://www.securityfocus.com/bid/30024
Exploit
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id?1020411
Third Party Advisory
VDB Entry
http://www.vupen.com/english/advisories/2008/1996/references
Third Party Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/43542
Third Party Advisory
VDB Entry
http://secunia.com/advisories/30808
Third Party Advisory
http://securityreason.com/securityalert/3974
Exploit
Third Party Advisory
http://www.scanit.net/rd/advisories/adv01
Broken Link
http://www.securityfocus.com/archive/1/493816/100/0/threaded
Exploit
Third Party Advisory
VDB Entry
http://www.securityfocus.com/bid/30024
Exploit
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id?1020411
Third Party Advisory
VDB Entry
http://www.vupen.com/english/advisories/2008/1996/references
Third Party Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/43542
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:blackberry:qnx_momentics:*:*:*:*:*:*:*:*

Версия до 6.3.2 (включая)

EPSS

Процентиль: 81%

0.01484

Низкий

9.3 Critical

CVSS2

Дефекты

CWE-787

Связанные уязвимости

GHSA-5vh8-vx9c-m2vw

github

почти 4 года назад