CVE-2003-1452

Qualcomm qpopper <4.05 - Code Injection

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2003-1452. PoCs published by Xpl017Elz.

AI-analyzed exploit summary This exploit targets a local privilege escalation vulnerability in Qpopper v4.0.x's poppassd component. It leverages a buffer overflow to execute arbitrary code with root privileges by manipulating the poppassd process through crafted input.

Description

Untrusted search path vulnerability in Qualcomm qpopper 4.0 through 4.05 allows local users to execute arbitrary code by modifying the PATH environment variable to reference a malicious smbpasswd program.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Xpl017Elz · clocallinux
https://www.exploit-db.com/exploits/21

This exploit targets a local privilege escalation vulnerability in Qpopper v4.0.x's poppassd component. It leverages a buffer overflow to execute arbitrary code with root privileges by manipulating the poppassd process through crafted input.

Classification
Working Poc 95%
Attack Type
Lpe
Complexity
Moderate
Reliability
Reliable
Target: Qpopper v4.0.x poppassd
Auth required
Prerequisites: Local access to the system · Valid Qpopper username and password · poppassd binary path
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (5)

Core 5
Core References
Third Party Advisory third-party-advisory x_refsource_sreason
http://securityreason.com/securityalert/3268
Exploit mailing-list x_refsource_vulnwatch
http://archives.neohapsis.com/archives/vulnwatch/2003-q2/0047.html
Exploit mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/319811
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/11877
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/7447

Scores

EPSS 0.0052
EPSS Percentile 40.0%

Details

CWE
CWE-16
Status published
Products (8)
qualcomm/qpopper 4.0
qualcomm/qpopper 4.0.1
qualcomm/qpopper 4.0.2
qualcomm/qpopper 4.0.3
qualcomm/qpopper 4.0.4
qualcomm/qpopper 4.0.5
qualcomm/qpopper 4.0.5_fc2
qualcomm/qpopper 4.0_b14
Published Dec 31, 2003
Tracked Since Feb 18, 2026