CVE-2004-1683

Name of the Vulnerable Software and Affected Versions QNX RTP version 6.1

Description A race condition issue exists, allowing local users to gain privileges. This is achieved by modifying the PATH environment variable to reference a malicious io-graphics program before it is executed by crrtrap.

Recommendations For QNX RTP version 6.1, consider restricting modifications to the PATH environment variable to prevent malicious references to io-graphics programs until a fix is available. As a temporary workaround, monitor and control the execution of crrtrap to minimize the risk of exploitation.