CVE-2006-5379
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
Confidence
Low
EPSS
Percentile
97.3%
The accelerated rendering functionality of NVIDIA Binary Graphics Driver (binary blob driver) For Linux v8774 and v8762, and probably on other operating systems, allows local and remote attackers to execute arbitrary code via a large width value in a font glyph, which can be used to overwrite arbitrary memory locations.
Affected configurations
| Vendor | Product | Version | CPE |
|---|---|---|---|
| nvidia | binary_graphics_driver | v8762 | cpe:2.3:a:nvidia:binary_graphics_driver:v8762:*:linux:*:*:*:*:* |
| nvidia | binary_graphics_driver | v8774 | cpe:2.3:a:nvidia:binary_graphics_driver:v8774:*:linux:*:*:*:*:* |
References
download2.rapid7.com/r7-0025/
download2.rapid7.com/r7-0025/nv_exploit.c
nvidia.custhelp.com/cgi-bin/nvidia.cfg/php/enduser/std_adp.php?p_faqid=1971
secunia.com/advisories/22419
secunia.com/advisories/22676
secunia.com/advisories/22730
secunia.com/advisories/22764
secunia.com/advisories/23678
security.gentoo.org/glsa/glsa-200611-03.xml
securityreason.com/securityalert/1742
securitytracker.com/id?1017072
sunsolve.sun.com/search/document.do?assetkey=1-26-102693-1
www.kb.cert.org/vuls/id/147252
www.mandriva.com/security/advisories?name=MDKSA-2007:007
www.rapid7.com/advisories/R7-0025.jsp
www.securityfocus.com/archive/1/448860/100/0/threaded
www.securityfocus.com/archive/1/451329/100/0/threaded
www.securityfocus.com/bid/20559
www.ubuntu.com/usn/usn-377-1
www.vupen.com/english/advisories/2006/4053
www.vupen.com/english/advisories/2006/4328
exchange.xforce.ibmcloud.com/vulnerabilities/29622
Related
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
Confidence
Low
EPSS
Percentile
97.3%