CVE-2002-1239

Published: Nov 12, 2002Modified: Apr 16, 2026

7.2

Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Exploitability: 3.9 / Impact: 10.0

Source: NVD

Description

QNX Neutrino RTOS 6.2.0 uses the PATH environment variable to find and execute the cp program while operating at raised privileges, which allows local users to gain privileges by modifying the PATH to point to a malicious cp program.

Affected (1)

Products: Qnx: Rtos

Qnx

1 product

Rtos

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Qnx Rtos	Version 6.2.0

References (10)

http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0066.html

Source: cve@mitre.org

http://marc.info/?l=bugtraq&m=103679043232178&w=2

Source: cve@mitre.org

http://www.idefense.com/advisory/11.08.02b.txt

Source: cve@mitre.org

ExploitPatchVendor Advisory

http://www.iss.net/security_center/static/10564.php

Source: cve@mitre.org

Vendor Advisory

http://www.securityfocus.com/bid/6146

Source: cve@mitre.org

http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0066.html