Description
Multiple buffer overflows in (1) phrelay-cfg, (2) phlocale, (3) pkg-installer, or (4) input-cfg in QNX Photon microGUI for QNX RTP 6.1 allow local users to gain privileges via a long -s (server) command line parameter.
Exploits (4)
exploitdb
WORKING POC
VERIFIED
by Julio Cesar Fort · textdosunix
https://www.exploit-db.com/exploits/24596
exploitdb
WRITEUP
VERIFIED
by Julio Cesar Fort · textdosunix
https://www.exploit-db.com/exploits/24593
exploitdb
WORKING POC
VERIFIED
by Julio Cesar Fort · textdosunix
https://www.exploit-db.com/exploits/24594
exploitdb
WORKING POC
VERIFIED
by Julio Cesar Fort · textdosunix
https://www.exploit-db.com/exploits/24595
References (4)
Core 4
Core References
Various Sources x_refsource_misc
http://www.rfdslabs.com.br/qnx-advs-03-2004.txt
Mailing List mailing-list
x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=109510393407597&w=2
Exploit, Vendor Advisory vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/11164
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/17339
Scores
EPSS
0.0013
EPSS Percentile
31.8%
Details
Status
published
Products (2)
qnx/photon_microgui
qnx/rtp
6.1
Published
Aug 26, 2004
Tracked Since
Feb 18, 2026