Vulnerabilities > QNX > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2011-10-18 | CVE-2011-4060 | Link Following vulnerability in QNX Neutrino Rtos 6.5.0 The runtime linker in QNX Neutrino RTOS 6.5.0 before Service Pack 1 does not properly clear the LD_DEBUG_OUTPUT and LD_DEBUG environment variables when a program is spawned from a setuid program, which allows local users to overwrite files via a symlink attack. | 3.3 |
| 2005-08-30 | CVE-2005-2725 | Local Arbitrary File Disclosure vulnerability in QNX RTOS InputTrap The inputtrap utility in QNX RTOS 6.1.0, 6.3, and possibly earlier versions does not properly check permissions when the -t flag is specified, which allows local users to read arbitrary files. | 2.1 |
| 2004-09-13 | CVE-2004-1683 | Local Command Execution vulnerability in QNX CRTTrap Path Environment Variable A race condition in crrtrap for QNX RTP 6.1 allows local users to gain privileges by modifying the PATH environment variable to reference a malicious io-graphics program before is executed by crrtrap. | 3.7 |
| 2002-12-31 | CVE-2002-1983 | Local Denial of Service vulnerability in QNX Rtos 6.1.0 The timer implementation in QNX RTOS 6.1.0 allows local users to cause a denial of service (hang) and possibly execute arbitrary code by creating multiple timers with a 1-ms tick. | 2.1 |
| 2002-12-31 | CVE-2002-2039 | Unspecified vulnerability in QNX Rtos 4.25/6.1.0 /bin/su in QNX realtime operating system (RTOS) 4.25 and 6.1.0 allows local users to obtain sensitive information from core dump files by sending the SIGSERV (invalid memory reference) signal. | 2.1 |
| 2002-12-31 | CVE-2002-2409 | Information Exposure vulnerability in QNX Neutrino Rtos and Photon Microgui Photon microGUI in QNX Neutrino realtime operating system (RTOS) 6.1.0 and 6.2.0 allows attackers to read user clipboard information via a direct request to the 1.TEXT file in a directory whose name is a hex-encoded user ID. | 3.5 |
| 2001-08-02 | CVE-2001-0624 | Denial-Of-Service vulnerability in QNX 2.4 QNX 2.4 allows a local user to read arbitrary files by directly accessing the mount point for the FAT disk partition, e.g. | 2.1 |