CVE-2006-0619
QNX Neutrino RTOS 6.3.0 - Local Buffer Overflow via Environment Variables
Title source: llmDescription
Multiple stack-based buffer overflows in QNX Neutrino RTOS 6.3.0 allow local users to execute arbitrary code via long (1) ABLPATH or (2) ABLANG environment variables in the libAP library (libAp.so.2) or (3) a long PHOTON_PATH environment variable to the setitem function in the libph library.
References (10)
Core 10
Core References
Vendor Advisory third-party-advisory
x_refsource_idefense
http://www.idefense.com/intelligence/vulnerabilities/display.php?id=381
Vendor Advisory third-party-advisory
x_refsource_idefense
http://www.idefense.com/intelligence/vulnerabilities/display.php?id=382
Vendor Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2006/0474
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/18750
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/24557
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://securitytracker.com/id?1015599
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://www.osvdb.org/22964
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://www.osvdb.org/22965
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/16539
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/24558
Scores
EPSS
0.0050
EPSS Percentile
39.3%
Details
CWE
CWE-119
Status
published
Products (1)
qnx/rtos
6.3.0
Published
Feb 09, 2006
Tracked Since
Feb 18, 2026