CVE-2002-1239
published 2002-11-12CVE-2002-1239: QNX Neutrino RTOS 6.2.0 uses the PATH environment variable to find and execute the cp program while operating at raised privileges, which allows local users to…
PriorityP423high7.2CVSS 2.0
AVLACLAuNCCICAC
EXPLOIT
EPSS
0.90%
55.2th percentile
QNX Neutrino RTOS 6.2.0 uses the PATH environment variable to find and execute the cp program while operating at raised privileges, which allows local users to gain privileges by modifying the PATH to point to a malicious cp program.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| qnx | rtos | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No writeups or analysis indexed.
http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0066.htmlhttp://marc.info/?l=bugtraq&m=103679043232178&w=2http://www.idefense.com/advisory/11.08.02b.txthttp://www.iss.net/security_center/static/10564.phphttp://www.securityfocus.com/bid/6146http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0066.htmlhttp://marc.info/?l=bugtraq&m=103679043232178&w=2http://www.idefense.com/advisory/11.08.02b.txthttp://www.iss.net/security_center/static/10564.phphttp://www.securityfocus.com/bid/6146
2002-11-12
Published