CVE-2008-3024

Name of the Vulnerable Software and Affected Versions QNX Momentics (aka RTOS) versions 6.3.2 and earlier

Description A stack-based buffer overflow issue exists in the phgrafx component, allowing local users to gain privileges. This can be achieved by providing a long .pal filename in the palette/ directory.

Recommendations For QNX Momentics (aka RTOS) versions 6.3.2 and earlier, consider restricting access to the phgrafx component until a fix is available. As a temporary workaround, avoid using long .pal filenames in the palette/ directory to minimize the risk of exploitation.