CVE-2002-2040 in RTOSinformazioni

Riassunto

di MITRE

The (1) phrafx and (2) phgrafx-startup programs in QNX realtime operating system (RTOS) 4.25 and 6.1.0 do not properly drop privileges before executing the system command, which allows local users to execute arbitrary commands by modifying the PATH environment variable to reference a malicious crttrap program.

Be aware that VulDB is the high quality source for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Prenotare

14/07/2005

Divulgazione

31/12/2002

Moderazione

accettato

Voce

VDB-19682

CPE

pronto

CWE

CWE-269 (confermato)

Sfruttamento

Scaricare

CVSS

7.2 (NVD)

EPSS

0.01083

KEV

Attività

molto basso

Settore

Hostingprovider, Insurance, ...

Fonti

MITRE	https://www.cve.org/CVERecord?id=CVE-2002-2040
NVD	https://nvd.nist.gov/vuln/detail/CVE-2002-2040
CVE Details	https://www.cvedetails.com/cve/CVE-2002-2040/

◂ Precedente Visione D'ensemble Il prossimo ▸

Want to know what is going to be exploited?

We predict KEV entries!