Vulnerability Details CVE-2014-2533
/sbin/ifwatchd in BlackBerry QNX Neutrino RTOS 6.4.x and 6.5.x allows local users to gain privileges by providing an arbitrary program name as a command-line argument.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.262
EPSS Ranking 96.0%
CVSS Severity
CVSS v2 Score 7.2
References
- http://seclists.org/bugtraq/2014/Mar/66
- http://seclists.org/bugtraq/2014/Mar/88
- http://seclists.org/fulldisclosure/2014/Mar/124
- http://seclists.org/fulldisclosure/2014/Mar/98
- http://www.exploit-db.com/exploits/32153/
- https://www.exploit-db.com/exploits/45575/
- http://seclists.org/bugtraq/2014/Mar/66
- http://seclists.org/bugtraq/2014/Mar/88
- http://seclists.org/fulldisclosure/2014/Mar/124
- http://seclists.org/fulldisclosure/2014/Mar/98
- http://www.exploit-db.com/exploits/32153/
- https://www.exploit-db.com/exploits/45575/
Products affected by CVE-2014-2533
-
cpe:2.3:o:blackberry:qnx_neutrino_rtos:6.4.1
-
cpe:2.3:o:blackberry:qnx_neutrino_rtos:6.5.0