PT-2006-1676 · Blackberry · Libap+2

Published: 2006-02-09 · Updated: 2017-07-20 · CVE-2006-0619

CVSS v2.0: 4.6 (Medium)
Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P
Name of the Vulnerable Software and Affected Versions
QNX Neutrino RTOS version 6.3.0

Description
Multiple stack-based buffer overflows allow local users to execute arbitrary code. They are triggered by long environment variables: ABLPATH or ABLANG in the libAP library, or a long PHOTON_PATH environment variable passed to the setitem function in the libph library.

Recommendations
For QNX Neutrino RTOS version 6.3.0, consider restricting the length of the ABLPATH, ABLANG, and PHOTON_PATH environment variables to prevent buffer overflows. As a temporary workaround, restrict access to the libAP and libph libraries until a patch is available. Avoid using long environment variables in the affected libraries until the issue is resolved.

Fix

Buffer Overflow

Weakness Enumeration

Related Identifiers

CVE-2006-0619

Affected Products

QNX Neutrino RTOS
libAP
libph