Vulnerability Description
/sbin/ifwatchd in BlackBerry QNX Neutrino RTOS 6.4.x and 6.5.x allows local users to gain privileges by providing an arbitrary program name as a command-line argument.
CVSS Score
7.2
HIGH
AV:L/AC:L/Au:N/C:C/I:C/A:C
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Blackberry | Qnx Neutrino Rtos | 6.4.1 |
Related Weaknesses (CWE)
References
- http://seclists.org/bugtraq/2014/Mar/66
- http://seclists.org/bugtraq/2014/Mar/88
- http://seclists.org/fulldisclosure/2014/Mar/124
- http://seclists.org/fulldisclosure/2014/Mar/98
- http://www.exploit-db.com/exploits/32153/Exploit
- https://www.exploit-db.com/exploits/45575/
- http://seclists.org/bugtraq/2014/Mar/66
- http://seclists.org/bugtraq/2014/Mar/88
- http://seclists.org/fulldisclosure/2014/Mar/124
- http://seclists.org/fulldisclosure/2014/Mar/98
- http://www.exploit-db.com/exploits/32153/Exploit
- https://www.exploit-db.com/exploits/45575/
FAQ
What is CVE-2014-2533?
CVE-2014-2533 is a vulnerability with a CVSS score of 7.2 (HIGH). /sbin/ifwatchd in BlackBerry QNX Neutrino RTOS 6.4.x and 6.5.x allows local users to gain privileges by providing an arbitrary program name as a command-line argument.
How severe is CVE-2014-2533?
CVE-2014-2533 has been rated HIGH with a CVSS base score of 7.2/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2014-2533?
Check the references section above for vendor advisories and patch information. Affected products include: Blackberry Qnx Neutrino Rtos.