| Vulnerability Name: | CVE-2006-5379 (CCN-29622) | ||||||||
| Assigned: | 2006-10-16 | ||||||||
| Published: | 2006-10-16 | ||||||||
| Updated: | 2018-10-17 | ||||||||
| Summary: | The accelerated rendering functionality of NVIDIA Binary Graphics Driver (binary blob driver) For Linux v8774 and v8762, and probably on other operating systems, allows local and remote attackers to execute arbitrary code via a large width value in a font glyph, which can be used to overwrite arbitrary memory locations. | ||||||||
| CVSS v3 Severity: | 9.0 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H)
| ||||||||
| CVSS v2 Severity: | 7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P) 5.9 Medium (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P/E:F/RL:OF/RC:UR)
6.0 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:H/Au:N/C:C/I:C/A:C/E:F/RL:OF/RC:UR)
| ||||||||
| Vulnerability Type: | CWE-Other | ||||||||
| Vulnerability Consequences: | Gain Access | ||||||||
| References: | Source: MITRE Type: CNA CVE-2006-5379 Source: MISC Type: UNKNOWN http://download2.rapid7.com/r7-0025/ Source: MISC Type: Exploit http://download2.rapid7.com/r7-0025/nv_exploit.c Source: CONFIRM Type: UNKNOWN http://nvidia.custhelp.com/cgi-bin/nvidia.cfg/php/enduser/std_adp.php?p_faqid=1971 Source: CCN Type: SA22419 NVIDIA Binary Graphics Driver for Linux Buffer Overflow Vulnerability Source: SECUNIA Type: Vendor Advisory 22419 Source: CCN Type: SA22676 Sun Solaris NVIDIA Graphics Driver Buffer Overflow Vulnerability Source: SECUNIA Type: UNKNOWN 22676 Source: SECUNIA Type: UNKNOWN 22730 Source: SECUNIA Type: UNKNOWN 22764 Source: SECUNIA Type: UNKNOWN 23678 Source: GENTOO Type: UNKNOWN GLSA-200611-03 Source: SREASON Type: UNKNOWN 1742 Source: CCN Type: SECTRACK ID: 1017072 NVIDIA Binary Graphics Driver for Linux Buffer Overflow Lets Local Users Gain Root Privileges Source: SECTRACK Type: UNKNOWN 1017072 Source: CCN Type: Sun Alert ID: 102693 Security Vulnerability With Graphics Driver for Solaris 10 and Linux on Certain Systems Source: SUNALERT Type: UNKNOWN 102693 Source: CCN Type: GLSA-200611-03 NVIDIA binary graphics driver: Privilege escalation vulnerability Source: CCN Type: US-CERT VU#147252 NVIDIA Display Driver for Unix systems vulnerable to buffer overflow Source: CERT-VN Type: US Government Resource VU#147252 Source: MANDRIVA Type: UNKNOWN MDKSA-2007:007 Source: CCN Type: NVIDIA Web site NVIDIA Home Source: CCN Type: OSVDB ID: 29744 NVIDIA Binary Graphics Driver for Linux Accelerated Rendering Functionality Overflow Source: CCN Type: Rapid7, LLC Security Advisory R7-0025 Buffer Overflow in NVIDIA Binary Graphics Driver For Linux Source: MISC Type: Vendor Advisory http://www.rapid7.com/advisories/R7-0025.jsp Source: BUGTRAQ Type: UNKNOWN 20061016 Rapid7 Advisory R7-0025: Buffer Overflow in NVIDIA Binary Graphics Driver For Linux Source: BUGTRAQ Type: UNKNOWN 20061113 Re: [ GLSA 200611-03 ] NVIDIA binary graphics driver: Privilege escalation vulnerability Source: BID Type: UNKNOWN 20559 Source: CCN Type: BID-20559 NVidia Binary Graphics Driver For Linux Buffer Overflow Vulnerability Source: CCN Type: USN-377-1 NVIDIA vulnerability Source: UBUNTU Type: UNKNOWN USN-377-1 Source: VUPEN Type: UNKNOWN ADV-2006-4053 Source: VUPEN Type: UNKNOWN ADV-2006-4328 Source: XF Type: UNKNOWN nvidia-linux-driver-bo(29622) Source: XF Type: UNKNOWN nvidia-linux-driver-bo(29622) | ||||||||
| Vulnerable Configuration: | Configuration 1: Denotes that component is vulnerable | ||||||||
| BACK | |||||||||