FKIE_CVE-2006-5758

Vulnerability from fkie_nvd - Published: 2006-11-06 20:07 - Updated: 2025-04-09 00:30
Severity ?
Summary
The Graphics Rendering Engine in Microsoft Windows 2000 through 2000 SP4 and Windows XP through SP2 maps GDI Kernel structures on a global shared memory section that is mapped with read-only permissions, but can be remapped by other processes as read-write, which allows local users to cause a denial of service (memory corruption and crash) and gain privileges by modifying the kernel structures.
References
cve@mitre.orghttp://kernelwars.blogspot.com/2007/01/alive.html
cve@mitre.orghttp://projects.info-pull.com/mokb/MOKB-06-11-2006.html
cve@mitre.orghttp://secunia.com/advisories/22668Vendor Advisory
cve@mitre.orghttp://securitytracker.com/id?1017168
cve@mitre.orghttp://www.blackhat.com/html/bh-europe-07/bh-eu-07-speakers.html#Eriksson
cve@mitre.orghttp://www.securityfocus.com/archive/1/466186/100/200/threaded
cve@mitre.orghttp://www.securityfocus.com/bid/20940Exploit
cve@mitre.orghttp://www.vupen.com/english/advisories/2006/4358Vendor Advisory
cve@mitre.orghttp://www.vupen.com/english/advisories/2007/1215Vendor Advisory
cve@mitre.orghttps://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-017
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/30042
cve@mitre.orghttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2056
af854a3a-2127-422b-91ae-364da2661108http://kernelwars.blogspot.com/2007/01/alive.html
af854a3a-2127-422b-91ae-364da2661108http://projects.info-pull.com/mokb/MOKB-06-11-2006.html
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/22668Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://securitytracker.com/id?1017168
af854a3a-2127-422b-91ae-364da2661108http://www.blackhat.com/html/bh-europe-07/bh-eu-07-speakers.html#Eriksson
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/466186/100/200/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/20940Exploit
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2006/4358Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2007/1215Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-017
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/30042
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2056
Impacted products
Vendor Product Version
microsoft windows_2000 *
microsoft windows_xp *
microsoft windows_xp *
microsoft windows_xp *
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*",
              "matchCriteriaId": "83E7C4A0-78CF-4B56-82BF-EC932BDD8ADF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_xp:*:gold:professional_x64:*:*:*:*:*",
              "matchCriteriaId": "74EE55A2-6020-4591-9F15-80E57D19207C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "9B339C33-8896-4896-88FF-88E74FDBC543",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:professional_x64:*:*:*:*:*",
              "matchCriteriaId": "1AB9988B-5A9C-4F6D-BCCC-4D03AC6E4CF9",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The Graphics Rendering Engine in Microsoft Windows 2000 through 2000 SP4 and Windows XP through SP2 maps GDI Kernel structures on a global shared memory section that is mapped with read-only permissions, but can be remapped by other processes as read-write, which allows local users to cause a denial of service (memory corruption and crash) and gain privileges by modifying the kernel structures."
    },
    {
      "lang": "es",
      "value": "El Graphics Rendering Engine en Microsoft Windows 2000 hasta 2000 SP4 y Windows XP hasta SP2 mapea estructuras del n\u00facleo GDI en una secci\u00f3n de memoria global compartida que est\u00e1 mapeada con permisos de s\u00f3lo lectura, pero puede ser remapeada por otros procesos como lectura-escritura, lo cual permite a usuarios locales provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria y ca\u00edda) y ganar privilegios modificando las estructuras del n\u00facleo."
    }
  ],
  "id": "CVE-2006-5758",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.2,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2006-11-06T20:07:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://kernelwars.blogspot.com/2007/01/alive.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://projects.info-pull.com/mokb/MOKB-06-11-2006.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/22668"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1017168"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.blackhat.com/html/bh-europe-07/bh-eu-07-speakers.html#Eriksson"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/466186/100/200/threaded"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit"
      ],
      "url": "http://www.securityfocus.com/bid/20940"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2006/4358"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2007/1215"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-017"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30042"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2056"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://kernelwars.blogspot.com/2007/01/alive.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://projects.info-pull.com/mokb/MOKB-06-11-2006.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/22668"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1017168"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.blackhat.com/html/bh-europe-07/bh-eu-07-speakers.html#Eriksson"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/466186/100/200/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://www.securityfocus.com/bid/20940"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2006/4358"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2007/1215"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-017"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30042"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2056"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.