CVE-2006-5379
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
18/10/2006
Last modified:
17/10/2018
Description
The accelerated rendering functionality of NVIDIA Binary Graphics Driver (binary blob driver) For Linux v8774 and v8762, and probably on other operating systems, allows local and remote attackers to execute arbitrary code via a large width value in a font glyph, which can be used to overwrite arbitrary memory locations.
Impact
Base Score 2.0
7.50
Severity 2.0
HIGH
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:nvidia:binary_graphics_driver:v8762:*:linux:*:*:*:*:* | ||
| cpe:2.3:a:nvidia:binary_graphics_driver:v8774:*:linux:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://download2.rapid7.com/r7-0025/
- http://download2.rapid7.com/r7-0025/nv_exploit.c
- http://nvidia.custhelp.com/cgi-bin/nvidia.cfg/php/enduser/std_adp.php?p_faqid=1971
- http://secunia.com/advisories/22419
- http://secunia.com/advisories/22676
- http://secunia.com/advisories/22730
- http://secunia.com/advisories/22764
- http://secunia.com/advisories/23678
- http://security.gentoo.org/glsa/glsa-200611-03.xml
- http://securityreason.com/securityalert/1742
- http://securitytracker.com/id?1017072=
- http://sunsolve.sun.com/search/document.do?assetkey=1-26-102693-1
- http://www.kb.cert.org/vuls/id/147252
- http://www.mandriva.com/security/advisories?name=MDKSA-2007%3A007
- http://www.rapid7.com/advisories/R7-0025.jsp
- http://www.securityfocus.com/archive/1/448860/100/0/threaded
- http://www.securityfocus.com/archive/1/451329/100/0/threaded
- http://www.securityfocus.com/bid/20559
- http://www.ubuntu.com/usn/usn-377-1
- http://www.vupen.com/english/advisories/2006/4053
- http://www.vupen.com/english/advisories/2006/4328
- https://exchange.xforce.ibmcloud.com/vulnerabilities/29622