Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-3024

Overview

Vulnerability Score 6.9 6.9
CVE Id CVE-2008-3024
Last Modified 07 Mar 2011 10:10:06
Published 07 Jul 2008 01:41:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity MEDIUM
Authentication NONE

CVE-2008-3024

Summary

Stack-based buffer overflow in phgrafx in QNX Momentics (aka RTOS) 6.3.2 and earlier allows local users to gain privileges via a long .pal filename in palette/.

Vulnerable Systems

Application

  • Qnx Momentics 6.3.2

  • Qnx Rtos 6.3.2


References

XF - momentics-phgrafx-bo(43542)

VUPEN - ADV-2008-1996

SECTRACK - 1020411

BID - 30024

BUGTRAQ - 20080701 [SCANIT-2008-001] QNX phgrafx Privilege Escalation Vulnerability

MISC - http://www.scanit.net/rd/advisories/adv01

SREASON - 3974

SECUNIA - 30808


Last Updated: 27 May 2016 10:48:04