Vulnerability Description
Multiple stack-based buffer overflows in QNX Neutrino RTOS 6.3.0 allow local users to execute arbitrary code via long (1) ABLPATH or (2) ABLANG environment variables in the libAP library (libAp.so.2) or (3) a long PHOTON_PATH environment variable to the setitem function in the libph library.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Qnx | Rtos | 6.3.0 |
Related Weaknesses (CWE)
References
- http://secunia.com/advisories/18750Vendor Advisory
- http://securitytracker.com/id?1015599
- http://www.idefense.com/intelligence/vulnerabilities/display.php?id=381Vendor Advisory
- http://www.idefense.com/intelligence/vulnerabilities/display.php?id=382Vendor Advisory
- http://www.osvdb.org/22964
- http://www.osvdb.org/22965
- http://www.securityfocus.com/bid/16539
- http://www.vupen.com/english/advisories/2006/0474Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24557
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24558
- http://secunia.com/advisories/18750Vendor Advisory
- http://securitytracker.com/id?1015599
- http://www.idefense.com/intelligence/vulnerabilities/display.php?id=381Vendor Advisory
- http://www.idefense.com/intelligence/vulnerabilities/display.php?id=382Vendor Advisory
- http://www.osvdb.org/22964
FAQ
What is CVE-2006-0619?
CVE-2006-0619 is a vulnerability with a CVSS score of 4.6 (MEDIUM). Multiple stack-based buffer overflows in QNX Neutrino RTOS 6.3.0 allow local users to execute arbitrary code via long (1) ABLPATH or (2) ABLANG environment variables in the libAP library (libAp.so.2) ...
How severe is CVE-2006-0619?
CVE-2006-0619 has been rated MEDIUM with a CVSS base score of 4.6/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2006-0619?
Check the references section above for vendor advisories and patch information. Affected products include: Qnx Rtos.