Untrusted Search Path Vulnerability in Qualcomm Qpopper 4.0 through 4.05
CVE-2003-1452

Currently unrated

Key Information:

Vendor: Qualcomm
Status: Qpopper
Vendor: CVE Published:; 31 December 2003

Summary

The untrusted search path vulnerability in Qualcomm Qpopper versions 4.0 to 4.05 allows local users to exploit the PATH environment variable. By altering this variable, an attacker can point to a malicious version of the smbpasswd program. This manipulation can lead to arbitrary code execution, potentially compromising the integrity and confidentiality of the system. Proper security measures and updates are recommended to mitigate this security risk.

References

http://securityreason.com/securityalert/3268

third-party-advisoryx_refsource_SREASON

http://archives.neohapsis.com/archives/vulnwatch/2003-q2/...

mailing-listx_refsource_VULNWATCH

http://www.securityfocus.com/archive/1/319811

mailing-listx_refsource_BUGTRAQ

Timeline

Vulnerability Reserved
Oct 22, 2007
Vulnerability published
Dec 31, 2003