Vulnerabilities > QNX > Neutrino Rtos > 6.5.0
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2011-10-18 | CVE-2011-4060 | Link Following vulnerability in QNX Neutrino Rtos 6.5.0 The runtime linker in QNX Neutrino RTOS 6.5.0 before Service Pack 1 does not properly clear the LD_DEBUG_OUTPUT and LD_DEBUG environment variables when a program is spawned from a setuid program, which allows local users to overwrite files via a symlink attack. | 3.3 |