Vulnerability-Lookup

CVE-2006-5379 (GCVE-0-2006-5379)

Vulnerability from cvelistv5 – Published: 2006-10-18 10:00 – Updated: 2024-08-07 19:48

Summary

The accelerated rendering functionality of NVIDIA Binary Graphics Driver (binary blob driver) For Linux v8774 and v8762, and probably on other operating systems, allows local and remote attackers to execute arbitrary code via a large width value in a font glyph, which can be used to overwrite arbitrary memory locations.

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	http://www.vupen.com/english/advisories/2006/4053	vdb-entryx_refsource_VUPEN
	http://secunia.com/advisories/22730	third-party-advisoryx_refsource_SECUNIA
	http://download2.rapid7.com/r7-0025/nv_exploit.c	x_refsource_MISC
	http://security.gentoo.org/glsa/glsa-200611-03.xml	vendor-advisoryx_refsource_GENTOO
	http://www.securityfocus.com/bid/20559	vdb-entryx_refsource_BID
	http://securityreason.com/securityalert/1742	third-party-advisoryx_refsource_SREASON
	http://www.ubuntu.com/usn/usn-377-1	vendor-advisoryx_refsource_UBUNTU
	http://sunsolve.sun.com/search/document.do?assetk…	vendor-advisoryx_refsource_SUNALERT
	http://www.rapid7.com/advisories/R7-0025.jsp	x_refsource_MISC
	http://secunia.com/advisories/22419	third-party-advisoryx_refsource_SECUNIA
	http://securitytracker.com/id?1017072	vdb-entryx_refsource_SECTRACK
	http://www.kb.cert.org/vuls/id/147252	third-party-advisoryx_refsource_CERT-VN
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://www.vupen.com/english/advisories/2006/4328	vdb-entryx_refsource_VUPEN
	http://secunia.com/advisories/22676	third-party-advisoryx_refsource_SECUNIA
	http://nvidia.custhelp.com/cgi-bin/nvidia.cfg/php…	x_refsource_CONFIRM
	http://www.securityfocus.com/archive/1/451329/100…	mailing-listx_refsource_BUGTRAQ
	http://www.mandriva.com/security/advisories?name=…	vendor-advisoryx_refsource_MANDRIVA
	http://secunia.com/advisories/23678	third-party-advisoryx_refsource_SECUNIA
	http://download2.rapid7.com/r7-0025/	x_refsource_MISC
	http://www.securityfocus.com/archive/1/448860/100…	mailing-listx_refsource_BUGTRAQ
	http://secunia.com/advisories/22764	third-party-advisoryx_refsource_SECUNIA

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T19:48:30.100Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "ADV-2006-4053",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/4053"
          },
          {
            "name": "22730",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/22730"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://download2.rapid7.com/r7-0025/nv_exploit.c"
          },
          {
            "name": "GLSA-200611-03",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-200611-03.xml"
          },
          {
            "name": "20559",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/20559"
          },
          {
            "name": "1742",
            "tags": [
              "third-party-advisory",
              "x_refsource_SREASON",
              "x_transferred"
            ],
            "url": "http://securityreason.com/securityalert/1742"
          },
          {
            "name": "USN-377-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/usn-377-1"
          },
          {
            "name": "102693",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUNALERT",
              "x_transferred"
            ],
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102693-1"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.rapid7.com/advisories/R7-0025.jsp"
          },
          {
            "name": "22419",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/22419"
          },
          {
            "name": "1017072",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1017072"
          },
          {
            "name": "VU#147252",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/147252"
          },
          {
            "name": "nvidia-linux-driver-bo(29622)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29622"
          },
          {
            "name": "ADV-2006-4328",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/4328"
          },
          {
            "name": "22676",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/22676"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://nvidia.custhelp.com/cgi-bin/nvidia.cfg/php/enduser/std_adp.php?p_faqid=1971"
          },
          {
            "name": "20061113 Re: [ GLSA 200611-03 ] NVIDIA binary graphics driver: Privilege escalation vulnerability",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/451329/100/0/threaded"
          },
          {
            "name": "MDKSA-2007:007",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:007"
          },
          {
            "name": "23678",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/23678"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://download2.rapid7.com/r7-0025/"
          },
          {
            "name": "20061016 Rapid7 Advisory R7-0025: Buffer Overflow in NVIDIA Binary Graphics Driver For Linux",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/448860/100/0/threaded"
          },
          {
            "name": "22764",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/22764"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2006-10-16T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The accelerated rendering functionality of NVIDIA Binary Graphics Driver (binary blob driver) For Linux v8774 and v8762, and probably on other operating systems, allows local and remote attackers to execute arbitrary code via a large width value in a font glyph, which can be used to overwrite arbitrary memory locations."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-17T20:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "ADV-2006-4053",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/4053"
        },
        {
          "name": "22730",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/22730"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://download2.rapid7.com/r7-0025/nv_exploit.c"
        },
        {
          "name": "GLSA-200611-03",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-200611-03.xml"
        },
        {
          "name": "20559",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/20559"
        },
        {
          "name": "1742",
          "tags": [
            "third-party-advisory",
            "x_refsource_SREASON"
          ],
          "url": "http://securityreason.com/securityalert/1742"
        },
        {
          "name": "USN-377-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/usn-377-1"
        },
        {
          "name": "102693",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUNALERT"
          ],
          "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102693-1"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.rapid7.com/advisories/R7-0025.jsp"
        },
        {
          "name": "22419",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/22419"
        },
        {
          "name": "1017072",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1017072"
        },
        {
          "name": "VU#147252",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/147252"
        },
        {
          "name": "nvidia-linux-driver-bo(29622)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29622"
        },
        {
          "name": "ADV-2006-4328",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/4328"
        },
        {
          "name": "22676",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/22676"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://nvidia.custhelp.com/cgi-bin/nvidia.cfg/php/enduser/std_adp.php?p_faqid=1971"
        },
        {
          "name": "20061113 Re: [ GLSA 200611-03 ] NVIDIA binary graphics driver: Privilege escalation vulnerability",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/451329/100/0/threaded"
        },
        {
          "name": "MDKSA-2007:007",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:007"
        },
        {
          "name": "23678",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/23678"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://download2.rapid7.com/r7-0025/"
        },
        {
          "name": "20061016 Rapid7 Advisory R7-0025: Buffer Overflow in NVIDIA Binary Graphics Driver For Linux",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/448860/100/0/threaded"
        },
        {
          "name": "22764",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/22764"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2006-5379",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The accelerated rendering functionality of NVIDIA Binary Graphics Driver (binary blob driver) For Linux v8774 and v8762, and probably on other operating systems, allows local and remote attackers to execute arbitrary code via a large width value in a font glyph, which can be used to overwrite arbitrary memory locations."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "ADV-2006-4053",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2006/4053"
            },
            {
              "name": "22730",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/22730"
            },
            {
              "name": "http://download2.rapid7.com/r7-0025/nv_exploit.c",
              "refsource": "MISC",
              "url": "http://download2.rapid7.com/r7-0025/nv_exploit.c"
            },
            {
              "name": "GLSA-200611-03",
              "refsource": "GENTOO",
              "url": "http://security.gentoo.org/glsa/glsa-200611-03.xml"
            },
            {
              "name": "20559",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/20559"
            },
            {
              "name": "1742",
              "refsource": "SREASON",
              "url": "http://securityreason.com/securityalert/1742"
            },
            {
              "name": "USN-377-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/usn-377-1"
            },
            {
              "name": "102693",
              "refsource": "SUNALERT",
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102693-1"
            },
            {
              "name": "http://www.rapid7.com/advisories/R7-0025.jsp",
              "refsource": "MISC",
              "url": "http://www.rapid7.com/advisories/R7-0025.jsp"
            },
            {
              "name": "22419",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/22419"
            },
            {
              "name": "1017072",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1017072"
            },
            {
              "name": "VU#147252",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/147252"
            },
            {
              "name": "nvidia-linux-driver-bo(29622)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29622"
            },
            {
              "name": "ADV-2006-4328",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2006/4328"
            },
            {
              "name": "22676",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/22676"
            },
            {
              "name": "http://nvidia.custhelp.com/cgi-bin/nvidia.cfg/php/enduser/std_adp.php?p_faqid=1971",
              "refsource": "CONFIRM",
              "url": "http://nvidia.custhelp.com/cgi-bin/nvidia.cfg/php/enduser/std_adp.php?p_faqid=1971"
            },
            {
              "name": "20061113 Re: [ GLSA 200611-03 ] NVIDIA binary graphics driver: Privilege escalation vulnerability",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/451329/100/0/threaded"
            },
            {
              "name": "MDKSA-2007:007",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:007"
            },
            {
              "name": "23678",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/23678"
            },
            {
              "name": "http://download2.rapid7.com/r7-0025/",
              "refsource": "MISC",
              "url": "http://download2.rapid7.com/r7-0025/"
            },
            {
              "name": "20061016 Rapid7 Advisory R7-0025: Buffer Overflow in NVIDIA Binary Graphics Driver For Linux",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/448860/100/0/threaded"
            },
            {
              "name": "22764",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/22764"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2006-5379",
    "datePublished": "2006-10-18T10:00:00",
    "dateReserved": "2006-10-17T00:00:00",
    "dateUpdated": "2024-08-07T19:48:30.100Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:nvidia:binary_graphics_driver:v8762:*:linux:*:*:*:*:*\", \"matchCriteriaId\": \"EA0EC344-84EA-4A0E-80F2-98F1640F3BC4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:nvidia:binary_graphics_driver:v8774:*:linux:*:*:*:*:*\", \"matchCriteriaId\": \"97C8860D-53FF-4765-9890-1B09ED9B7F96\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"The accelerated rendering functionality of NVIDIA Binary Graphics Driver (binary blob driver) For Linux v8774 and v8762, and probably on other operating systems, allows local and remote attackers to execute arbitrary code via a large width value in a font glyph, which can be used to overwrite arbitrary memory locations.\"}, {\"lang\": \"es\", \"value\": \"La funcionalidad de interpretaci\\u00f3n acelerada del Controlador de Gr\\u00e1ficos Binarios NVIDIA (controlador de blob binario) para Linux v8774 y v8762, y posiblemente en otros sistemas operativos, permite a atacantes locales y remotos ejecutar c\\u00f3digo de su elecci\\u00f3n mediante un valor de ancho grande en un s\\u00edmbolo de una fuente, lo cual puede ser usado para sobreescribir localizaciones de memoria de su elecci\\u00f3n.\"}]",
      "id": "CVE-2006-5379",
      "lastModified": "2024-11-21T00:18:59.820",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:P/I:P/A:P\", \"baseScore\": 7.5, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 10.0, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": true, \"userInteractionRequired\": false}]}",
      "published": "2006-10-18T04:06:00.000",
      "references": "[{\"url\": \"http://download2.rapid7.com/r7-0025/\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://download2.rapid7.com/r7-0025/nv_exploit.c\", \"source\": \"cve@mitre.org\", \"tags\": [\"Exploit\"]}, {\"url\": \"http://nvidia.custhelp.com/cgi-bin/nvidia.cfg/php/enduser/std_adp.php?p_faqid=1971\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://secunia.com/advisories/22419\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/22676\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://secunia.com/advisories/22730\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://secunia.com/advisories/22764\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://secunia.com/advisories/23678\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://security.gentoo.org/glsa/glsa-200611-03.xml\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://securityreason.com/securityalert/1742\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://securitytracker.com/id?1017072\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://sunsolve.sun.com/search/document.do?assetkey=1-26-102693-1\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.kb.cert.org/vuls/id/147252\", \"source\": \"cve@mitre.org\", \"tags\": [\"US Government Resource\"]}, {\"url\": \"http://www.mandriva.com/security/advisories?name=MDKSA-2007:007\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.rapid7.com/advisories/R7-0025.jsp\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/archive/1/448860/100/0/threaded\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.securityfocus.com/archive/1/451329/100/0/threaded\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.securityfocus.com/bid/20559\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.ubuntu.com/usn/usn-377-1\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.vupen.com/english/advisories/2006/4053\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.vupen.com/english/advisories/2006/4328\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/29622\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://download2.rapid7.com/r7-0025/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://download2.rapid7.com/r7-0025/nv_exploit.c\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\"]}, {\"url\": \"http://nvidia.custhelp.com/cgi-bin/nvidia.cfg/php/enduser/std_adp.php?p_faqid=1971\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://secunia.com/advisories/22419\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/22676\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://secunia.com/advisories/22730\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://secunia.com/advisories/22764\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://secunia.com/advisories/23678\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://security.gentoo.org/glsa/glsa-200611-03.xml\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://securityreason.com/securityalert/1742\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://securitytracker.com/id?1017072\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://sunsolve.sun.com/search/document.do?assetkey=1-26-102693-1\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.kb.cert.org/vuls/id/147252\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"US Government Resource\"]}, {\"url\": \"http://www.mandriva.com/security/advisories?name=MDKSA-2007:007\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.rapid7.com/advisories/R7-0025.jsp\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/archive/1/448860/100/0/threaded\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/archive/1/451329/100/0/threaded\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/bid/20559\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.ubuntu.com/usn/usn-377-1\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.vupen.com/english/advisories/2006/4053\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.vupen.com/english/advisories/2006/4328\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/29622\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "cve@mitre.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-Other\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2006-5379\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2006-10-18T04:06:00.000\",\"lastModified\":\"2025-04-09T00:30:58.490\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The accelerated rendering functionality of NVIDIA Binary Graphics Driver (binary blob driver) For Linux v8774 and v8762, and probably on other operating systems, allows local and remote attackers to execute arbitrary code via a large width value in a font glyph, which can be used to overwrite arbitrary memory locations.\"},{\"lang\":\"es\",\"value\":\"La funcionalidad de interpretaci\u00f3n acelerada del Controlador de Gr\u00e1ficos Binarios NVIDIA (controlador de blob binario) para Linux v8774 y v8762, y posiblemente en otros sistemas operativos, permite a atacantes locales y remotos ejecutar c\u00f3digo de su elecci\u00f3n mediante un valor de ancho grande en un s\u00edmbolo de una fuente, lo cual puede ser usado para sobreescribir localizaciones de memoria de su elecci\u00f3n.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:P/A:P\",\"baseScore\":7.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":true,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nvidia:binary_graphics_driver:v8762:*:linux:*:*:*:*:*\",\"matchCriteriaId\":\"EA0EC344-84EA-4A0E-80F2-98F1640F3BC4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nvidia:binary_graphics_driver:v8774:*:linux:*:*:*:*:*\",\"matchCriteriaId\":\"97C8860D-53FF-4765-9890-1B09ED9B7F96\"}]}]}],\"references\":[{\"url\":\"http://download2.rapid7.com/r7-0025/\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://download2.rapid7.com/r7-0025/nv_exploit.c\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\"]},{\"url\":\"http://nvidia.custhelp.com/cgi-bin/nvidia.cfg/php/enduser/std_adp.php?p_faqid=1971\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/22419\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/22676\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/22730\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/22764\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/23678\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://security.gentoo.org/glsa/glsa-200611-03.xml\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://securityreason.com/securityalert/1742\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://securitytracker.com/id?1017072\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://sunsolve.sun.com/search/document.do?assetkey=1-26-102693-1\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.kb.cert.org/vuls/id/147252\",\"source\":\"cve@mitre.org\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDKSA-2007:007\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.rapid7.com/advisories/R7-0025.jsp\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/archive/1/448860/100/0/threaded\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/archive/1/451329/100/0/threaded\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/20559\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.ubuntu.com/usn/usn-377-1\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.vupen.com/english/advisories/2006/4053\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.vupen.com/english/advisories/2006/4328\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/29622\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://download2.rapid7.com/r7-0025/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://download2.rapid7.com/r7-0025/nv_exploit.c\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\"]},{\"url\":\"http://nvidia.custhelp.com/cgi-bin/nvidia.cfg/php/enduser/std_adp.php?p_faqid=1971\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/22419\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/22676\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/22730\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/22764\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/23678\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://security.gentoo.org/glsa/glsa-200611-03.xml\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://securityreason.com/securityalert/1742\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://securitytracker.com/id?1017072\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://sunsolve.sun.com/search/document.do?assetkey=1-26-102693-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.kb.cert.org/vuls/id/147252\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDKSA-2007:007\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.rapid7.com/advisories/R7-0025.jsp\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/archive/1/448860/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/archive/1/451329/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/20559\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.ubuntu.com/usn/usn-377-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2006/4053\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2006/4328\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/29622\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

CERTA-2006-AVI-480

Vulnerability from certfr_avis - Published: - Updated:

Une vulnérabilité dans les pilotes propriétaires pour les cartes graphiques NVidia permet à un utilisateur distant d'exécuter du code arbitraire à distance.

Description

NVidia fournit pour un certain nombre d'Unix dont GNU/Linux et FreeBSD des pilotes propriétaires, sous forme binaire uniquement, permettant d'utiliser les fonctions 3D des cartes graphiques basées sur les GPU (Graphic Processor Unit) NVidia. Une vulnérabilité de type débordement de mémoire présente dans ces pilotes permet à un utilisateur malintentionné d'exécuter du code arbitraire à distance si le serveur X (Xorg ou XFree) utilisant les pilotes vulnérables accepte les connexions distantes. Si ce n'est pas le cas, l'exploitation de la vulnérabilité ne peut se faire que localement.

Solution

La version 1.0-8776 corrige le problème :

http://www.nvidia.com/object/unix.html

None

Impacted products

Vendor	Product	Description
FreeBSD	N/A	les pilotes NVidia pour FreeBSD (architecture x86) versions 1.0-8774 et antérieures ;
FreeBSD	N/A	les pilotes NVidia pour GNU/Linux (architecture AMD64/EM64T) versions 1.0-8774 et antérieures ;
FreeBSD	N/A	les pilotes NVidia pour Sun Solaris 10 (architectures x86 et x64) versions 1.0-8774 et antérieures.
FreeBSD	N/A	Les pilotes NVidia pour GNU/Linux (architecture IA-32) versions 1.0-8774 et antérieures ;

References

Title

Publication Time

Tags

Notes de révision des pilotes NVidia 1.0-8776 pour Unix du 19 octobre 2006	None	vendor-advisory
Notes de révision des pilotes NVidia 1.0-8776 pour Unix du 19 octobre 2006 :	-	other
Bulletin de sécurité Ubuntu USN-377-1 du 03 novembre 2006 :	-	other
Notes de révision des pilotes NVidia 1.0-8776 pour Unix du 19 octobre 2006 :	-	other
Bulletin de sécurité Sun Solaris #102693 du 02 novembre 2006 :	-	other
Notes de révision des pilotes NVidia 1.0-8776 pour Unix du 19 octobre 2006 :	-	other
Note de vulnérabilité de l'US-CERT VU#147252 du 17 octobre 2006 :	-	other
Notes de révision des pilotes NVidia 1.0-8776 pour Unix du 19 octobre 2006 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "les pilotes NVidia pour FreeBSD (architecture x86) versions 1.0-8774 et ant\u00e9rieures ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "FreeBSD",
          "scada": false
        }
      }
    },
    {
      "description": "les pilotes NVidia pour GNU/Linux (architecture AMD64/EM64T) versions 1.0-8774 et ant\u00e9rieures ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "FreeBSD",
          "scada": false
        }
      }
    },
    {
      "description": "les pilotes NVidia pour Sun Solaris 10 (architectures x86 et x64) versions 1.0-8774 et ant\u00e9rieures.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "FreeBSD",
          "scada": false
        }
      }
    },
    {
      "description": "Les pilotes NVidia pour GNU/Linux (architecture IA-32) versions 1.0-8774 et ant\u00e9rieures ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "FreeBSD",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nNVidia fournit pour un certain nombre d\u0027Unix dont GNU/Linux et FreeBSD\ndes pilotes propri\u00e9taires, sous forme binaire uniquement, permettant\nd\u0027utiliser les fonctions 3D des cartes graphiques bas\u00e9es sur les GPU\n(Graphic Processor Unit) NVidia. Une vuln\u00e9rabilit\u00e9 de type d\u00e9bordement\nde m\u00e9moire pr\u00e9sente dans ces pilotes permet \u00e0 un utilisateur\nmalintentionn\u00e9 d\u0027ex\u00e9cuter du code arbitraire \u00e0 distance si le serveur X\n(Xorg ou XFree) utilisant les pilotes vuln\u00e9rables accepte les connexions\ndistantes. Si ce n\u0027est pas le cas, l\u0027exploitation de la vuln\u00e9rabilit\u00e9 ne\npeut se faire que localement.\n\n## Solution\n\nLa version 1.0-8776 corrige le probl\u00e8me :\n\n    http://www.nvidia.com/object/unix.html\n",
  "cves": [
    {
      "name": "CVE-2006-5379",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-5379"
    }
  ],
  "links": [
    {
      "title": "Notes de r\u00e9vision des pilotes NVidia 1.0-8776 pour Unix du    19 octobre 2006 :",
      "url": "http://www.nvidia.com/object/linux_display_amd64_1.0-8776.html"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-377-1 du 03 novembre 2006 :",
      "url": "http://www.ubuntulinux.org/usn/usn-377-1"
    },
    {
      "title": "Notes de r\u00e9vision des pilotes NVidia 1.0-8776 pour Unix du    19 octobre 2006 :",
      "url": "http://www.nvidia.com/object/solaris_display_1.0-8776.html"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Sun Solaris #102693 du 02 novembre    2006 :",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102693-1"
    },
    {
      "title": "Notes de r\u00e9vision des pilotes NVidia 1.0-8776 pour Unix du    19 octobre 2006 :",
      "url": "http://www.nvidia.com/object/linux_display_ia32_1.0-8776.html"
    },
    {
      "title": "Note de vuln\u00e9rabilit\u00e9 de l\u0027US-CERT VU#147252 du 17 octobre    2006 :",
      "url": "http://www.kb.cert.org/vuls/id/147252"
    },
    {
      "title": "Notes de r\u00e9vision des pilotes NVidia 1.0-8776 pour Unix du    19 octobre 2006 :",
      "url": "http://www.nvidia.com/object/freebsd_1.0-8776.html"
    }
  ],
  "reference": "CERTA-2006-AVI-480",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2006-11-07T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "Une vuln\u00e9rabilit\u00e9 dans les pilotes propri\u00e9taires pour les cartes\ngraphiques NVidia permet \u00e0 un utilisateur distant d\u0027ex\u00e9cuter du code\narbitraire \u00e0 distance.\n",
  "title": "Vuln\u00e9rabilit\u00e9 des drivers NVidia",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Notes de r\u00e9vision des pilotes NVidia 1.0-8776 pour Unix du 19 octobre 2006",
      "url": null
    }
  ]
}

CERTA-2006-AVI-480

Vulnerability from certfr_avis - Published: - Updated:

Une vulnérabilité dans les pilotes propriétaires pour les cartes graphiques NVidia permet à un utilisateur distant d'exécuter du code arbitraire à distance.

Description

Solution

La version 1.0-8776 corrige le problème :

http://www.nvidia.com/object/unix.html

None

Impacted products

Vendor	Product	Description
FreeBSD	N/A	les pilotes NVidia pour FreeBSD (architecture x86) versions 1.0-8774 et antérieures ;
FreeBSD	N/A	les pilotes NVidia pour GNU/Linux (architecture AMD64/EM64T) versions 1.0-8774 et antérieures ;
FreeBSD	N/A	les pilotes NVidia pour Sun Solaris 10 (architectures x86 et x64) versions 1.0-8774 et antérieures.
FreeBSD	N/A	Les pilotes NVidia pour GNU/Linux (architecture IA-32) versions 1.0-8774 et antérieures ;

References

Title

Publication Time

Tags

Notes de révision des pilotes NVidia 1.0-8776 pour Unix du 19 octobre 2006	None	vendor-advisory
Notes de révision des pilotes NVidia 1.0-8776 pour Unix du 19 octobre 2006 :	-	other
Bulletin de sécurité Ubuntu USN-377-1 du 03 novembre 2006 :	-	other
Notes de révision des pilotes NVidia 1.0-8776 pour Unix du 19 octobre 2006 :	-	other
Bulletin de sécurité Sun Solaris #102693 du 02 novembre 2006 :	-	other
Notes de révision des pilotes NVidia 1.0-8776 pour Unix du 19 octobre 2006 :	-	other
Note de vulnérabilité de l'US-CERT VU#147252 du 17 octobre 2006 :	-	other
Notes de révision des pilotes NVidia 1.0-8776 pour Unix du 19 octobre 2006 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "les pilotes NVidia pour FreeBSD (architecture x86) versions 1.0-8774 et ant\u00e9rieures ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "FreeBSD",
          "scada": false
        }
      }
    },
    {
      "description": "les pilotes NVidia pour GNU/Linux (architecture AMD64/EM64T) versions 1.0-8774 et ant\u00e9rieures ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "FreeBSD",
          "scada": false
        }
      }
    },
    {
      "description": "les pilotes NVidia pour Sun Solaris 10 (architectures x86 et x64) versions 1.0-8774 et ant\u00e9rieures.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "FreeBSD",
          "scada": false
        }
      }
    },
    {
      "description": "Les pilotes NVidia pour GNU/Linux (architecture IA-32) versions 1.0-8774 et ant\u00e9rieures ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "FreeBSD",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nNVidia fournit pour un certain nombre d\u0027Unix dont GNU/Linux et FreeBSD\ndes pilotes propri\u00e9taires, sous forme binaire uniquement, permettant\nd\u0027utiliser les fonctions 3D des cartes graphiques bas\u00e9es sur les GPU\n(Graphic Processor Unit) NVidia. Une vuln\u00e9rabilit\u00e9 de type d\u00e9bordement\nde m\u00e9moire pr\u00e9sente dans ces pilotes permet \u00e0 un utilisateur\nmalintentionn\u00e9 d\u0027ex\u00e9cuter du code arbitraire \u00e0 distance si le serveur X\n(Xorg ou XFree) utilisant les pilotes vuln\u00e9rables accepte les connexions\ndistantes. Si ce n\u0027est pas le cas, l\u0027exploitation de la vuln\u00e9rabilit\u00e9 ne\npeut se faire que localement.\n\n## Solution\n\nLa version 1.0-8776 corrige le probl\u00e8me :\n\n    http://www.nvidia.com/object/unix.html\n",
  "cves": [
    {
      "name": "CVE-2006-5379",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-5379"
    }
  ],
  "links": [
    {
      "title": "Notes de r\u00e9vision des pilotes NVidia 1.0-8776 pour Unix du    19 octobre 2006 :",
      "url": "http://www.nvidia.com/object/linux_display_amd64_1.0-8776.html"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-377-1 du 03 novembre 2006 :",
      "url": "http://www.ubuntulinux.org/usn/usn-377-1"
    },
    {
      "title": "Notes de r\u00e9vision des pilotes NVidia 1.0-8776 pour Unix du    19 octobre 2006 :",
      "url": "http://www.nvidia.com/object/solaris_display_1.0-8776.html"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Sun Solaris #102693 du 02 novembre    2006 :",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102693-1"
    },
    {
      "title": "Notes de r\u00e9vision des pilotes NVidia 1.0-8776 pour Unix du    19 octobre 2006 :",
      "url": "http://www.nvidia.com/object/linux_display_ia32_1.0-8776.html"
    },
    {
      "title": "Note de vuln\u00e9rabilit\u00e9 de l\u0027US-CERT VU#147252 du 17 octobre    2006 :",
      "url": "http://www.kb.cert.org/vuls/id/147252"
    },
    {
      "title": "Notes de r\u00e9vision des pilotes NVidia 1.0-8776 pour Unix du    19 octobre 2006 :",
      "url": "http://www.nvidia.com/object/freebsd_1.0-8776.html"
    }
  ],
  "reference": "CERTA-2006-AVI-480",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2006-11-07T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "Une vuln\u00e9rabilit\u00e9 dans les pilotes propri\u00e9taires pour les cartes\ngraphiques NVidia permet \u00e0 un utilisateur distant d\u0027ex\u00e9cuter du code\narbitraire \u00e0 distance.\n",
  "title": "Vuln\u00e9rabilit\u00e9 des drivers NVidia",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Notes de r\u00e9vision des pilotes NVidia 1.0-8776 pour Unix du 19 octobre 2006",
      "url": null
    }
  ]
}

GHSA-FM97-P25W-W6FJ

Vulnerability from github – Published: 2022-05-01 07:27 – Updated: 2025-04-09 03:32

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2006-5379"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2006-10-18T04:06:00Z",
    "severity": "HIGH"
  },
  "details": "The accelerated rendering functionality of NVIDIA Binary Graphics Driver (binary blob driver) For Linux v8774 and v8762, and probably on other operating systems, allows local and remote attackers to execute arbitrary code via a large width value in a font glyph, which can be used to overwrite arbitrary memory locations.",
  "id": "GHSA-fm97-p25w-w6fj",
  "modified": "2025-04-09T03:32:25Z",
  "published": "2022-05-01T07:27:54Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-5379"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29622"
    },
    {
      "type": "WEB",
      "url": "http://download2.rapid7.com/r7-0025"
    },
    {
      "type": "WEB",
      "url": "http://download2.rapid7.com/r7-0025/nv_exploit.c"
    },
    {
      "type": "WEB",
      "url": "http://nvidia.custhelp.com/cgi-bin/nvidia.cfg/php/enduser/std_adp.php?p_faqid=1971"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/22419"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/22676"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/22730"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/22764"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/23678"
    },
    {
      "type": "WEB",
      "url": "http://security.gentoo.org/glsa/glsa-200611-03.xml"
    },
    {
      "type": "WEB",
      "url": "http://securityreason.com/securityalert/1742"
    },
    {
      "type": "WEB",
      "url": "http://securitytracker.com/id?1017072"
    },
    {
      "type": "WEB",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102693-1"
    },
    {
      "type": "WEB",
      "url": "http://www.kb.cert.org/vuls/id/147252"
    },
    {
      "type": "WEB",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:007"
    },
    {
      "type": "WEB",
      "url": "http://www.rapid7.com/advisories/R7-0025.jsp"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/448860/100/0/threaded"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/451329/100/0/threaded"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/20559"
    },
    {
      "type": "WEB",
      "url": "http://www.ubuntu.com/usn/usn-377-1"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2006/4053"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2006/4328"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

FKIE_CVE-2006-5379

Vulnerability from fkie_nvd - Published: 2006-10-18 04:06 - Updated: 2025-04-09 00:30

Severity ?

Summary

References

URL	Tags
cve@mitre.org	http://download2.rapid7.com/r7-0025/
cve@mitre.org	http://download2.rapid7.com/r7-0025/nv_exploit.c	Exploit
cve@mitre.org	http://nvidia.custhelp.com/cgi-bin/nvidia.cfg/php/enduser/std_adp.php?p_faqid=1971
cve@mitre.org	http://secunia.com/advisories/22419	Vendor Advisory
cve@mitre.org	http://secunia.com/advisories/22676
cve@mitre.org	http://secunia.com/advisories/22730
cve@mitre.org	http://secunia.com/advisories/22764
cve@mitre.org	http://secunia.com/advisories/23678
cve@mitre.org	http://security.gentoo.org/glsa/glsa-200611-03.xml
cve@mitre.org	http://securityreason.com/securityalert/1742
cve@mitre.org	http://securitytracker.com/id?1017072
cve@mitre.org	http://sunsolve.sun.com/search/document.do?assetkey=1-26-102693-1
cve@mitre.org	http://www.kb.cert.org/vuls/id/147252	US Government Resource
cve@mitre.org	http://www.mandriva.com/security/advisories?name=MDKSA-2007:007
cve@mitre.org	http://www.rapid7.com/advisories/R7-0025.jsp	Vendor Advisory
cve@mitre.org	http://www.securityfocus.com/archive/1/448860/100/0/threaded
cve@mitre.org	http://www.securityfocus.com/archive/1/451329/100/0/threaded
cve@mitre.org	http://www.securityfocus.com/bid/20559
cve@mitre.org	http://www.ubuntu.com/usn/usn-377-1
cve@mitre.org	http://www.vupen.com/english/advisories/2006/4053
cve@mitre.org	http://www.vupen.com/english/advisories/2006/4328
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/29622
af854a3a-2127-422b-91ae-364da2661108	http://download2.rapid7.com/r7-0025/
af854a3a-2127-422b-91ae-364da2661108	http://download2.rapid7.com/r7-0025/nv_exploit.c	Exploit
af854a3a-2127-422b-91ae-364da2661108	http://nvidia.custhelp.com/cgi-bin/nvidia.cfg/php/enduser/std_adp.php?p_faqid=1971
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/22419	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/22676
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/22730
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/22764
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/23678
af854a3a-2127-422b-91ae-364da2661108	http://security.gentoo.org/glsa/glsa-200611-03.xml
af854a3a-2127-422b-91ae-364da2661108	http://securityreason.com/securityalert/1742
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1017072
af854a3a-2127-422b-91ae-364da2661108	http://sunsolve.sun.com/search/document.do?assetkey=1-26-102693-1
af854a3a-2127-422b-91ae-364da2661108	http://www.kb.cert.org/vuls/id/147252	US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDKSA-2007:007
af854a3a-2127-422b-91ae-364da2661108	http://www.rapid7.com/advisories/R7-0025.jsp	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/448860/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/451329/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/20559
af854a3a-2127-422b-91ae-364da2661108	http://www.ubuntu.com/usn/usn-377-1
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2006/4053
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2006/4328
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/29622

Impacted products

	Vendor	Product	Version
	nvidia	binary_graphics_driver	v8762
	nvidia	binary_graphics_driver	v8774

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:nvidia:binary_graphics_driver:v8762:*:linux:*:*:*:*:*",
              "matchCriteriaId": "EA0EC344-84EA-4A0E-80F2-98F1640F3BC4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:nvidia:binary_graphics_driver:v8774:*:linux:*:*:*:*:*",
              "matchCriteriaId": "97C8860D-53FF-4765-9890-1B09ED9B7F96",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The accelerated rendering functionality of NVIDIA Binary Graphics Driver (binary blob driver) For Linux v8774 and v8762, and probably on other operating systems, allows local and remote attackers to execute arbitrary code via a large width value in a font glyph, which can be used to overwrite arbitrary memory locations."
    },
    {
      "lang": "es",
      "value": "La funcionalidad de interpretaci\u00f3n acelerada del Controlador de Gr\u00e1ficos Binarios NVIDIA (controlador de blob binario) para Linux v8774 y v8762, y posiblemente en otros sistemas operativos, permite a atacantes locales y remotos ejecutar c\u00f3digo de su elecci\u00f3n mediante un valor de ancho grande en un s\u00edmbolo de una fuente, lo cual puede ser usado para sobreescribir localizaciones de memoria de su elecci\u00f3n."
    }
  ],
  "id": "CVE-2006-5379",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": true,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2006-10-18T04:06:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://download2.rapid7.com/r7-0025/"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit"
      ],
      "url": "http://download2.rapid7.com/r7-0025/nv_exploit.c"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://nvidia.custhelp.com/cgi-bin/nvidia.cfg/php/enduser/std_adp.php?p_faqid=1971"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/22419"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/22676"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/22730"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/22764"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/23678"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://security.gentoo.org/glsa/glsa-200611-03.xml"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securityreason.com/securityalert/1742"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1017072"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102693-1"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/147252"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:007"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.rapid7.com/advisories/R7-0025.jsp"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/448860/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/451329/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/20559"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.ubuntu.com/usn/usn-377-1"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2006/4053"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2006/4328"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29622"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://download2.rapid7.com/r7-0025/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://download2.rapid7.com/r7-0025/nv_exploit.c"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://nvidia.custhelp.com/cgi-bin/nvidia.cfg/php/enduser/std_adp.php?p_faqid=1971"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/22419"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/22676"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/22730"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/22764"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/23678"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://security.gentoo.org/glsa/glsa-200611-03.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securityreason.com/securityalert/1742"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1017072"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102693-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/147252"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:007"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.rapid7.com/advisories/R7-0025.jsp"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/448860/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/451329/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/20559"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ubuntu.com/usn/usn-377-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2006/4053"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2006/4328"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29622"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GSD-2006-5379

Vulnerability from gsd - Updated: 2023-12-13 01:19

Details

Aliases

CVE-2006-5379

Aliases

CVE-2006-5379

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2006-5379",
    "description": "The accelerated rendering functionality of NVIDIA Binary Graphics Driver (binary blob driver) For Linux v8774 and v8762, and probably on other operating systems, allows local and remote attackers to execute arbitrary code via a large width value in a font glyph, which can be used to overwrite arbitrary memory locations.",
    "id": "GSD-2006-5379",
    "references": [
      "https://www.suse.com/security/cve/CVE-2006-5379.html"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2006-5379"
      ],
      "details": "The accelerated rendering functionality of NVIDIA Binary Graphics Driver (binary blob driver) For Linux v8774 and v8762, and probably on other operating systems, allows local and remote attackers to execute arbitrary code via a large width value in a font glyph, which can be used to overwrite arbitrary memory locations.",
      "id": "GSD-2006-5379",
      "modified": "2023-12-13T01:19:56.033350Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2006-5379",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "The accelerated rendering functionality of NVIDIA Binary Graphics Driver (binary blob driver) For Linux v8774 and v8762, and probably on other operating systems, allows local and remote attackers to execute arbitrary code via a large width value in a font glyph, which can be used to overwrite arbitrary memory locations."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "ADV-2006-4053",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2006/4053"
          },
          {
            "name": "22730",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/22730"
          },
          {
            "name": "http://download2.rapid7.com/r7-0025/nv_exploit.c",
            "refsource": "MISC",
            "url": "http://download2.rapid7.com/r7-0025/nv_exploit.c"
          },
          {
            "name": "GLSA-200611-03",
            "refsource": "GENTOO",
            "url": "http://security.gentoo.org/glsa/glsa-200611-03.xml"
          },
          {
            "name": "20559",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/20559"
          },
          {
            "name": "1742",
            "refsource": "SREASON",
            "url": "http://securityreason.com/securityalert/1742"
          },
          {
            "name": "USN-377-1",
            "refsource": "UBUNTU",
            "url": "http://www.ubuntu.com/usn/usn-377-1"
          },
          {
            "name": "102693",
            "refsource": "SUNALERT",
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102693-1"
          },
          {
            "name": "http://www.rapid7.com/advisories/R7-0025.jsp",
            "refsource": "MISC",
            "url": "http://www.rapid7.com/advisories/R7-0025.jsp"
          },
          {
            "name": "22419",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/22419"
          },
          {
            "name": "1017072",
            "refsource": "SECTRACK",
            "url": "http://securitytracker.com/id?1017072"
          },
          {
            "name": "VU#147252",
            "refsource": "CERT-VN",
            "url": "http://www.kb.cert.org/vuls/id/147252"
          },
          {
            "name": "nvidia-linux-driver-bo(29622)",
            "refsource": "XF",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29622"
          },
          {
            "name": "ADV-2006-4328",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2006/4328"
          },
          {
            "name": "22676",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/22676"
          },
          {
            "name": "http://nvidia.custhelp.com/cgi-bin/nvidia.cfg/php/enduser/std_adp.php?p_faqid=1971",
            "refsource": "CONFIRM",
            "url": "http://nvidia.custhelp.com/cgi-bin/nvidia.cfg/php/enduser/std_adp.php?p_faqid=1971"
          },
          {
            "name": "20061113 Re: [ GLSA 200611-03 ] NVIDIA binary graphics driver: Privilege escalation vulnerability",
            "refsource": "BUGTRAQ",
            "url": "http://www.securityfocus.com/archive/1/451329/100/0/threaded"
          },
          {
            "name": "MDKSA-2007:007",
            "refsource": "MANDRIVA",
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:007"
          },
          {
            "name": "23678",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/23678"
          },
          {
            "name": "http://download2.rapid7.com/r7-0025/",
            "refsource": "MISC",
            "url": "http://download2.rapid7.com/r7-0025/"
          },
          {
            "name": "20061016 Rapid7 Advisory R7-0025: Buffer Overflow in NVIDIA Binary Graphics Driver For Linux",
            "refsource": "BUGTRAQ",
            "url": "http://www.securityfocus.com/archive/1/448860/100/0/threaded"
          },
          {
            "name": "22764",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/22764"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:nvidia:binary_graphics_driver:v8762:*:linux:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:nvidia:binary_graphics_driver:v8774:*:linux:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2006-5379"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "The accelerated rendering functionality of NVIDIA Binary Graphics Driver (binary blob driver) For Linux v8774 and v8762, and probably on other operating systems, allows local and remote attackers to execute arbitrary code via a large width value in a font glyph, which can be used to overwrite arbitrary memory locations."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "NVD-CWE-Other"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://download2.rapid7.com/r7-0025/nv_exploit.c",
              "refsource": "MISC",
              "tags": [
                "Exploit"
              ],
              "url": "http://download2.rapid7.com/r7-0025/nv_exploit.c"
            },
            {
              "name": "http://www.rapid7.com/advisories/R7-0025.jsp",
              "refsource": "MISC",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://www.rapid7.com/advisories/R7-0025.jsp"
            },
            {
              "name": "VU#147252",
              "refsource": "CERT-VN",
              "tags": [
                "US Government Resource"
              ],
              "url": "http://www.kb.cert.org/vuls/id/147252"
            },
            {
              "name": "1017072",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://securitytracker.com/id?1017072"
            },
            {
              "name": "22419",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/22419"
            },
            {
              "name": "http://nvidia.custhelp.com/cgi-bin/nvidia.cfg/php/enduser/std_adp.php?p_faqid=1971",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://nvidia.custhelp.com/cgi-bin/nvidia.cfg/php/enduser/std_adp.php?p_faqid=1971"
            },
            {
              "name": "20559",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/20559"
            },
            {
              "name": "http://download2.rapid7.com/r7-0025/",
              "refsource": "MISC",
              "tags": [],
              "url": "http://download2.rapid7.com/r7-0025/"
            },
            {
              "name": "102693",
              "refsource": "SUNALERT",
              "tags": [],
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102693-1"
            },
            {
              "name": "USN-377-1",
              "refsource": "UBUNTU",
              "tags": [],
              "url": "http://www.ubuntu.com/usn/usn-377-1"
            },
            {
              "name": "22676",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/22676"
            },
            {
              "name": "22730",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/22730"
            },
            {
              "name": "GLSA-200611-03",
              "refsource": "GENTOO",
              "tags": [],
              "url": "http://security.gentoo.org/glsa/glsa-200611-03.xml"
            },
            {
              "name": "22764",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/22764"
            },
            {
              "name": "MDKSA-2007:007",
              "refsource": "MANDRIVA",
              "tags": [],
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:007"
            },
            {
              "name": "23678",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/23678"
            },
            {
              "name": "1742",
              "refsource": "SREASON",
              "tags": [],
              "url": "http://securityreason.com/securityalert/1742"
            },
            {
              "name": "ADV-2006-4053",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2006/4053"
            },
            {
              "name": "ADV-2006-4328",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2006/4328"
            },
            {
              "name": "nvidia-linux-driver-bo(29622)",
              "refsource": "XF",
              "tags": [],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29622"
            },
            {
              "name": "20061113 Re: [ GLSA 200611-03 ] NVIDIA binary graphics driver: Privilege escalation vulnerability",
              "refsource": "BUGTRAQ",
              "tags": [],
              "url": "http://www.securityfocus.com/archive/1/451329/100/0/threaded"
            },
            {
              "name": "20061016 Rapid7 Advisory R7-0025: Buffer Overflow in NVIDIA Binary Graphics Driver For Linux",
              "refsource": "BUGTRAQ",
              "tags": [],
              "url": "http://www.securityfocus.com/archive/1/448860/100/0/threaded"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": true,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2018-10-17T21:42Z",
      "publishedDate": "2006-10-18T04:06Z"
    }
  }
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2006-5379 (GCVE-0-2006-5379)

CERTA-2006-AVI-480

Description

Solution

CERTA-2006-AVI-480

Description

Solution

GHSA-FM97-P25W-W6FJ

FKIE_CVE-2006-5379

GSD-2006-5379

Tags

Sightings

Nomenclature