Vulnerability Database

296,213

Total vulnerabilities in the database

CVE-2004-1391

Untrusted execution path vulnerability in the PPPoE daemon (PPPoEd) in QNX RTP 6.1 allows local users to execute arbitrary programs by modifying the PATH environment variable to point to a malicious mount program.

  • Published: Dec 31, 2004
  • Updated: Apr 13, 2023
  • CVE: CVE-2004-1391
  • Severity: Low
  • Exploit:

CVSS v2:

  • Severity: Low
  • Score: 4.6
  • AV:L/AC:L/Au:N/C:P/I:P/A:P

No CWE or OWASP classifications available.

Software From Fixed in
qnx / rtos 6.2.0 6.2.0.x
qnx / rtp 6.1 6.1.x
qnx / rtos 6.2.1b 6.2.1b.x
qnx / rtos 6.3.0 6.3.0.x
qnx / rtos 6.1.0a 6.1.0a.x
qnx / rtos 6.2.1a 6.2.1a.x
qnx / rtos 6.1.0 6.1.0.x