Vulnerability Details CVE-2006-4516
Integer signedness error in FreeBSD 6.0-RELEASE allows local users to cause a denial of service (memory corruption and kernel panic) via a PT_LWPINFO ptrace command with a large negative data value that satisfies a signed maximum value check but is used in an unsigned copyout function call.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 46.0%
CVSS Severity
CVSS v2 Score 4.9
References
- http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=419
- http://secunia.com/advisories/22367
- http://www.securityfocus.com/bid/20440
- https://exchange.xforce.ibmcloud.com/vulnerabilities/29476
- http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=419
- http://secunia.com/advisories/22367
- http://www.securityfocus.com/bid/20440
- https://exchange.xforce.ibmcloud.com/vulnerabilities/29476