CVE-2002-2409

QNX Neutrino RTOS 6.1.0 and 6.2.0 - Unauthorized Clipboard Information Exposure via Hex-Encoded User ID Directory

Title source: llm
STIX 2.1

Description

Photon microGUI in QNX Neutrino realtime operating system (RTOS) 6.1.0 and 6.2.0 allows attackers to read user clipboard information via a direct request to the 1.TEXT file in a directory whose name is a hex-encoded user ID.

References (3)

Core 3
Core References
Third Party Advisory vdb-entry x_refsource_xf
http://www.iss.net/security_center/static/10658.php
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/6207
Third Party Advisory mailing-list x_refsource_bugtraq
http://archives.neohapsis.com/archives/bugtraq/2002-11/0267.html

Scores

EPSS 0.0071
EPSS Percentile 49.1%

Details

CWE
CWE-200
Status published
Products (3)
qnx/neutrino_rtos 6.1.0
qnx/neutrino_rtos 6.2.0
qnx/photon_microgui
Published Dec 31, 2002
Tracked Since Feb 18, 2026