Description
Untrusted search path vulnerability in Qualcomm qpopper 4.0 through 4.05 allows local users to execute arbitrary code by modifying the PATH environment variable to reference a malicious smbpasswd program.
Exploits (1)
References (5)
Scores
EPSS
0.0035
EPSS Percentile
57.5%
Details
CWE
CWE-16
Status
published
Products (8)
qualcomm/qpopper
4.0
qualcomm/qpopper
4.0.1
qualcomm/qpopper
4.0.2
qualcomm/qpopper
4.0.3
qualcomm/qpopper
4.0.4
qualcomm/qpopper
4.0.5
qualcomm/qpopper
4.0.5_fc2
qualcomm/qpopper
4.0_b14
Published
Dec 31, 2003
Tracked Since
Feb 18, 2026