Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.5
CVSSv2

CVE-2006-5379

Published: 18/10/2006 Updated: 17/10/2018
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
VMScore: 755
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Subscribe to Binary Graphics Driver

Vulnerability Summary

The accelerated rendering functionality of NVIDIA Binary Graphics Driver (binary blob driver) For Linux v8774 and v8762, and probably on other operating systems, allows local and remote malicious users to execute arbitrary code via a large width value in a font glyph, which can be used to overwrite arbitrary memory locations.

Vulnerable Product Search on Vulmon Subscribe to Product

nvidia binary graphics driver v8762

nvidia binary graphics driver v8774

Vendor Advisories

Ubuntu Security Notice: linux-restricted-modules-2.6.15, linux-restricted-modules-2.6.17 vulnerability
Derek Abdine discovered that the NVIDIA Xorg driver did not correctly verify the size of buffers used to render text glyphs When displaying very long strings of text, the Xorg server would crash If a user were tricked into viewing a specially crafted series of glyphs, this flaw could be exploited to run arbitrary code with root privileges ...

Exploits

Exploit DB: Nvidia Graphics Driver 8774 - Local Buffer Overflow
/* * Copyright (c) 2005 Matthieu Herrb * Copyright (c) 2006 Derek Abdine, Marc Bevand * * Permission to use, copy, modify, and distribute this software for any * purpose with or without fee is hereby granted, provided that the above * copyright notice and this permission notice appear in all copies * * THE SOFTWARE IS PROVIDED "AS IS" AND ...

References

NVD-CWE-Otherhttp://download2.rapid7.com/r7-0025/nv_exploit.chttp://www.rapid7.com/advisories/R7-0025.jsphttp://www.kb.cert.org/vuls/id/147252http://securitytracker.com/id?1017072http://secunia.com/advisories/22419http://nvidia.custhelp.com/cgi-bin/nvidia.cfg/php/enduser/std_adp.php?p_faqid=1971http://www.securityfocus.com/bid/20559http://download2.rapid7.com/r7-0025/http://sunsolve.sun.com/search/document.do?assetkey=1-26-102693-1http://www.ubuntu.com/usn/usn-377-1http://secunia.com/advisories/22676http://secunia.com/advisories/22730http://security.gentoo.org/glsa/glsa-200611-03.xmlhttp://secunia.com/advisories/22764http://www.mandriva.com/security/advisories?name=MDKSA-2007:007http://secunia.com/advisories/23678http://securityreason.com/securityalert/1742http://www.vupen.com/english/advisories/2006/4053http://www.vupen.com/english/advisories/2006/4328https://exchange.xforce.ibmcloud.com/vulnerabilities/29622http://www.securityfocus.com/archive/1/451329/100/0/threadedhttp://www.securityfocus.com/archive/1/448860/100/0/threadedhttps://usn.ubuntu.com/377-1/https://nvd.nist.govhttps://www.exploit-db.com/exploits/2581/https://www.kb.cert.org/vuls/id/147252
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
client sideCVE-2023-31889template injectionCVE-2024-4304CVE-2006-4304CVE-2024-33272type confusionCVE-2024-21345CVE-2024-33271
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook