GSD-2006-5379

Vulnerability from gsd - Updated: 2023-12-13 01:19
Details
The accelerated rendering functionality of NVIDIA Binary Graphics Driver (binary blob driver) For Linux v8774 and v8762, and probably on other operating systems, allows local and remote attackers to execute arbitrary code via a large width value in a font glyph, which can be used to overwrite arbitrary memory locations.
Aliases
Aliases
CVE-2006-5379
To clipboard 

{
  "GSD": {
    "alias": "CVE-2006-5379",
    "description": "The accelerated rendering functionality of NVIDIA Binary Graphics Driver (binary blob driver) For Linux v8774 and v8762, and probably on other operating systems, allows local and remote attackers to execute arbitrary code via a large width value in a font glyph, which can be used to overwrite arbitrary memory locations.",
    "id": "GSD-2006-5379",
    "references": [
      "https://www.suse.com/security/cve/CVE-2006-5379.html"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2006-5379"
      ],
      "details": "The accelerated rendering functionality of NVIDIA Binary Graphics Driver (binary blob driver) For Linux v8774 and v8762, and probably on other operating systems, allows local and remote attackers to execute arbitrary code via a large width value in a font glyph, which can be used to overwrite arbitrary memory locations.",
      "id": "GSD-2006-5379",
      "modified": "2023-12-13T01:19:56.033350Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2006-5379",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "The accelerated rendering functionality of NVIDIA Binary Graphics Driver (binary blob driver) For Linux v8774 and v8762, and probably on other operating systems, allows local and remote attackers to execute arbitrary code via a large width value in a font glyph, which can be used to overwrite arbitrary memory locations."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "ADV-2006-4053",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2006/4053"
          },
          {
            "name": "22730",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/22730"
          },
          {
            "name": "http://download2.rapid7.com/r7-0025/nv_exploit.c",
            "refsource": "MISC",
            "url": "http://download2.rapid7.com/r7-0025/nv_exploit.c"
          },
          {
            "name": "GLSA-200611-03",
            "refsource": "GENTOO",
            "url": "http://security.gentoo.org/glsa/glsa-200611-03.xml"
          },
          {
            "name": "20559",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/20559"
          },
          {
            "name": "1742",
            "refsource": "SREASON",
            "url": "http://securityreason.com/securityalert/1742"
          },
          {
            "name": "USN-377-1",
            "refsource": "UBUNTU",
            "url": "http://www.ubuntu.com/usn/usn-377-1"
          },
          {
            "name": "102693",
            "refsource": "SUNALERT",
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102693-1"
          },
          {
            "name": "http://www.rapid7.com/advisories/R7-0025.jsp",
            "refsource": "MISC",
            "url": "http://www.rapid7.com/advisories/R7-0025.jsp"
          },
          {
            "name": "22419",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/22419"
          },
          {
            "name": "1017072",
            "refsource": "SECTRACK",
            "url": "http://securitytracker.com/id?1017072"
          },
          {
            "name": "VU#147252",
            "refsource": "CERT-VN",
            "url": "http://www.kb.cert.org/vuls/id/147252"
          },
          {
            "name": "nvidia-linux-driver-bo(29622)",
            "refsource": "XF",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29622"
          },
          {
            "name": "ADV-2006-4328",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2006/4328"
          },
          {
            "name": "22676",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/22676"
          },
          {
            "name": "http://nvidia.custhelp.com/cgi-bin/nvidia.cfg/php/enduser/std_adp.php?p_faqid=1971",
            "refsource": "CONFIRM",
            "url": "http://nvidia.custhelp.com/cgi-bin/nvidia.cfg/php/enduser/std_adp.php?p_faqid=1971"
          },
          {
            "name": "20061113 Re: [ GLSA 200611-03 ] NVIDIA binary graphics driver: Privilege escalation vulnerability",
            "refsource": "BUGTRAQ",
            "url": "http://www.securityfocus.com/archive/1/451329/100/0/threaded"
          },
          {
            "name": "MDKSA-2007:007",
            "refsource": "MANDRIVA",
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:007"
          },
          {
            "name": "23678",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/23678"
          },
          {
            "name": "http://download2.rapid7.com/r7-0025/",
            "refsource": "MISC",
            "url": "http://download2.rapid7.com/r7-0025/"
          },
          {
            "name": "20061016 Rapid7 Advisory R7-0025: Buffer Overflow in NVIDIA Binary Graphics Driver For Linux",
            "refsource": "BUGTRAQ",
            "url": "http://www.securityfocus.com/archive/1/448860/100/0/threaded"
          },
          {
            "name": "22764",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/22764"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:nvidia:binary_graphics_driver:v8762:*:linux:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:nvidia:binary_graphics_driver:v8774:*:linux:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2006-5379"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "The accelerated rendering functionality of NVIDIA Binary Graphics Driver (binary blob driver) For Linux v8774 and v8762, and probably on other operating systems, allows local and remote attackers to execute arbitrary code via a large width value in a font glyph, which can be used to overwrite arbitrary memory locations."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "NVD-CWE-Other"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://download2.rapid7.com/r7-0025/nv_exploit.c",
              "refsource": "MISC",
              "tags": [
                "Exploit"
              ],
              "url": "http://download2.rapid7.com/r7-0025/nv_exploit.c"
            },
            {
              "name": "http://www.rapid7.com/advisories/R7-0025.jsp",
              "refsource": "MISC",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://www.rapid7.com/advisories/R7-0025.jsp"
            },
            {
              "name": "VU#147252",
              "refsource": "CERT-VN",
              "tags": [
                "US Government Resource"
              ],
              "url": "http://www.kb.cert.org/vuls/id/147252"
            },
            {
              "name": "1017072",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://securitytracker.com/id?1017072"
            },
            {
              "name": "22419",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/22419"
            },
            {
              "name": "http://nvidia.custhelp.com/cgi-bin/nvidia.cfg/php/enduser/std_adp.php?p_faqid=1971",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://nvidia.custhelp.com/cgi-bin/nvidia.cfg/php/enduser/std_adp.php?p_faqid=1971"
            },
            {
              "name": "20559",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/20559"
            },
            {
              "name": "http://download2.rapid7.com/r7-0025/",
              "refsource": "MISC",
              "tags": [],
              "url": "http://download2.rapid7.com/r7-0025/"
            },
            {
              "name": "102693",
              "refsource": "SUNALERT",
              "tags": [],
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102693-1"
            },
            {
              "name": "USN-377-1",
              "refsource": "UBUNTU",
              "tags": [],
              "url": "http://www.ubuntu.com/usn/usn-377-1"
            },
            {
              "name": "22676",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/22676"
            },
            {
              "name": "22730",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/22730"
            },
            {
              "name": "GLSA-200611-03",
              "refsource": "GENTOO",
              "tags": [],
              "url": "http://security.gentoo.org/glsa/glsa-200611-03.xml"
            },
            {
              "name": "22764",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/22764"
            },
            {
              "name": "MDKSA-2007:007",
              "refsource": "MANDRIVA",
              "tags": [],
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:007"
            },
            {
              "name": "23678",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/23678"
            },
            {
              "name": "1742",
              "refsource": "SREASON",
              "tags": [],
              "url": "http://securityreason.com/securityalert/1742"
            },
            {
              "name": "ADV-2006-4053",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2006/4053"
            },
            {
              "name": "ADV-2006-4328",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2006/4328"
            },
            {
              "name": "nvidia-linux-driver-bo(29622)",
              "refsource": "XF",
              "tags": [],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29622"
            },
            {
              "name": "20061113 Re: [ GLSA 200611-03 ] NVIDIA binary graphics driver: Privilege escalation vulnerability",
              "refsource": "BUGTRAQ",
              "tags": [],
              "url": "http://www.securityfocus.com/archive/1/451329/100/0/threaded"
            },
            {
              "name": "20061016 Rapid7 Advisory R7-0025: Buffer Overflow in NVIDIA Binary Graphics Driver For Linux",
              "refsource": "BUGTRAQ",
              "tags": [],
              "url": "http://www.securityfocus.com/archive/1/448860/100/0/threaded"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": true,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2018-10-17T21:42Z",
      "publishedDate": "2006-10-18T04:06Z"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.