Vulnerabilities > CVE-2006-0620 - Local Privilege Escalation and Denial Of Service vulnerability in QNX Rtos 6.2.1/6.2.1A/6.2.1B
Attack vector
LOCAL Attack complexity
HIGH Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
Race condition in phfont in QNX Neutrino RTOS 6.2.1 allows local users to execute arbitrary code via unspecified manipulations of the PHFONT and PHOTON2_PATH environment variables.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 3 |
Exploit-Db
| description | QNX Neutrino 6.2.1 (phfont) Race Condition Local Root Exploit. CVE-2006-0620. Local exploit for qnx platform |
| id | EDB-ID:1479 |
| last seen | 2016-01-31 |
| modified | 2006-02-08 |
| published | 2006-02-08 |
| reporter | kokanin |
| source | https://www.exploit-db.com/download/1479/ |
| title | QNX Neutrino 6.2.1 phfont Race Condition Local Root Exploit |
References
- http://secunia.com/advisories/18750
- http://securitytracker.com/id?1015599
- http://www.idefense.com/intelligence/vulnerabilities/display.php?id=383
- http://www.osvdb.org/22963
- http://www.securityfocus.com/bid/16539
- http://www.vupen.com/english/advisories/2006/0474
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24555