CVE-2004-1681

Name of the Vulnerable Software and Affected Versions QNX Photon microGUI for QNX RTP version 6.1

Description The issue concerns multiple buffer overflows in various components, including phrelay-cfg, phlocale, pkg-installer, and input-cfg. This allows local users to gain privileges by providing a long -s (server) command line parameter.

Recommendations For QNX Photon microGUI for QNX RTP version 6.1, consider restricting access to the phrelay-cfg, phlocale, pkg-installer, and input-cfg components to minimize the risk of exploitation. Avoid using the -s command line parameter with long input until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.