Lucene search

MitreCVE-2006-0620

HistoryFeb 09, 2006 - 2:02 a.m.

CVE-2006-0620

2006-02-0902:02:00

mitre

web.nvd.nist.gov

cve-2006-0620

qnx neutrino rtos

race condition

phfont

arbitrary code execution

security vulnerability

nvd

CVSS2

6.2

Attack Vector

LOCAL

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:H/Au:N/C:C/I:C/A:C

AI Score

7.4

Confidence

High

EPSS

Percentile

0.4%

JSON

Race condition in phfont in QNX Neutrino RTOS 6.2.1 allows local users to execute arbitrary code via unspecified manipulations of the PHFONT and PHOTON2_PATH environment variables.

Affected configurations

Nvd

Node

qnxrtosMatch6.2.1

qnxrtosMatch6.2.1a

qnxrtosMatch6.2.1b

VendorProductVersionCPE
qnxrtos6.2.1cpe:2.3:a:qnx:rtos:6.2.1:*:*:*:*:*:*:*
qnxrtos6.2.1acpe:2.3:a:qnx:rtos:6.2.1a:*:*:*:*:*:*:*
qnxrtos6.2.1bcpe:2.3:a:qnx:rtos:6.2.1b:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
qnx	rtos	6.2.1	cpe:2.3:a:qnx:rtos:6.2.1:::::::*
qnx	rtos	6.2.1a	cpe:2.3:a:qnx:rtos:6.2.1a:::::::*
qnx	rtos	6.2.1b	cpe:2.3:a:qnx:rtos:6.2.1b:::::::*

References

secunia.com/advisories/18750

securitytracker.com/id?1015599

www.idefense.com/intelligence/vulnerabilities/display.php?id=383

www.osvdb.org/22963

www.securityfocus.com/bid/16539

www.vupen.com/english/advisories/2006/0474

exchange.xforce.ibmcloud.com/vulnerabilities/24555

CVSS2

6.2

Attack Vector

LOCAL

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:H/Au:N/C:C/I:C/A:C

AI Score

7.4

Confidence

High

EPSS

Percentile

0.4%

JSON

Related for CVE-2006-0620