...
Environment issues are particularly dangerous with setuid/setgid programs or other elevated privileges, because an attacker can completely control the environment variables.
...
Non-Compliant Code Example (POSIX)
This non-compliant code invokes the C99 system() function to execute the /bin/ls program. The C99 system() function passes a string to the command processor in the host environment to be executed.
...
Note that the C99 standard states that "The set of environment names and the method for altering the environment list are implementation-defined."
...
Non-Compliant Code Example (POSIX)
This non-compliant code invokes the C99 system() function to remove the .config file in the user's home directory.
...
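As an added example (not code from the CERT page), here are the two system() calls described above rewritten without a command processor: /bin/ls is run with execve() and an explicitly constructed environment, and the .config path is taken from the password database via getpwuid() instead of the attacker-controllable HOME variable. The function names are my own.

```c
/* Added example: avoiding system() and environment-derived paths. */
#include <pwd.h>
#include <stdio.h>
#include <string.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/* Environment handed to the child: nothing is inherited from the caller.
 * execve() takes an absolute path, so PATH is only set to keep the child's
 * own behaviour predictable. */
static char *const clean_env[] = { "PATH=/usr/bin:/bin", NULL };

/* Run /bin/ls on dir without invoking a shell: fork + execve with clean_env.
 * Returns the child's exit status, or -1 on failure. */
int list_directory(const char *dir) {
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) {
        char *const argv[] = { "ls", "--", (char *)dir, NULL };
        execve("/bin/ls", argv, clean_env);
        _exit(127);                 /* execve() only returns on error */
    }
    int status;
    if (waitpid(pid, &status, 0) < 0) return -1;
    return WIFEXITED(status) ? WEXITSTATUS(status) : -1;
}

/* Build "<home>/.config" into buf. Rejects a home directory that is not an
 * absolute path and a result that would be truncated. Returns 0 on success. */
int build_config_path(const char *home, char *buf, size_t buflen) {
    if (home == NULL || home[0] != '/') return -1;
    int n = snprintf(buf, buflen, "%s/.config", home);
    if (n < 0 || (size_t)n >= buflen) return -1;
    return 0;
}

/* Remove the real user's .config with unlink(), using the home directory
 * recorded in the password database rather than getenv("HOME"). */
int remove_user_config(void) {
    struct passwd *pw = getpwuid(getuid());
    char path[4096];
    if (pw == NULL || build_config_path(pw->pw_dir, path, sizeof path) != 0)
        return -1;
    return unlink(path);
}
```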