Vulnerability Details CVE-2006-5379
The accelerated rendering functionality of NVIDIA Binary Graphics Driver (binary blob driver) For Linux v8774 and v8762, and probably on other operating systems, allows local and remote attackers to execute arbitrary code via a large width value in a font glyph, which can be used to overwrite arbitrary memory locations.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.359
EPSS Ranking 97.0%
CVSS Severity
CVSS v2 Score 7.5
References
- http://download2.rapid7.com/r7-0025/
- http://download2.rapid7.com/r7-0025/nv_exploit.c
- http://nvidia.custhelp.com/cgi-bin/nvidia.cfg/php/enduser/std_adp.php?p_faqid=1971
- http://secunia.com/advisories/22419
- http://secunia.com/advisories/22676
- http://secunia.com/advisories/22730
- http://secunia.com/advisories/22764
- http://secunia.com/advisories/23678
- http://security.gentoo.org/glsa/glsa-200611-03.xml
- http://securityreason.com/securityalert/1742
- http://securitytracker.com/id?1017072
- http://sunsolve.sun.com/search/document.do?assetkey=1-26-102693-1
- http://www.kb.cert.org/vuls/id/147252
- http://www.mandriva.com/security/advisories?name=MDKSA-2007:007
- http://www.rapid7.com/advisories/R7-0025.jsp
- http://www.securityfocus.com/archive/1/448860/100/0/threaded
- http://www.securityfocus.com/archive/1/451329/100/0/threaded
- http://www.securityfocus.com/bid/20559
- http://www.ubuntu.com/usn/usn-377-1
- http://www.vupen.com/english/advisories/2006/4053
- http://www.vupen.com/english/advisories/2006/4328
- https://exchange.xforce.ibmcloud.com/vulnerabilities/29622
- http://download2.rapid7.com/r7-0025/
- http://download2.rapid7.com/r7-0025/nv_exploit.c
- http://nvidia.custhelp.com/cgi-bin/nvidia.cfg/php/enduser/std_adp.php?p_faqid=1971
- http://secunia.com/advisories/22419
- http://secunia.com/advisories/22676
- http://secunia.com/advisories/22730
- http://secunia.com/advisories/22764
- http://secunia.com/advisories/23678
- http://security.gentoo.org/glsa/glsa-200611-03.xml
- http://securityreason.com/securityalert/1742
- http://securitytracker.com/id?1017072
- http://sunsolve.sun.com/search/document.do?assetkey=1-26-102693-1
- http://www.kb.cert.org/vuls/id/147252
- http://www.mandriva.com/security/advisories?name=MDKSA-2007:007
- http://www.rapid7.com/advisories/R7-0025.jsp
- http://www.securityfocus.com/archive/1/448860/100/0/threaded
- http://www.securityfocus.com/archive/1/451329/100/0/threaded
- http://www.securityfocus.com/bid/20559
- http://www.ubuntu.com/usn/usn-377-1
- http://www.vupen.com/english/advisories/2006/4053
- http://www.vupen.com/english/advisories/2006/4328
- https://exchange.xforce.ibmcloud.com/vulnerabilities/29622
Products affected by CVE-2006-5379
-
cpe:2.3:a:nvidia:binary_graphics_driver:v8762
-
cpe:2.3:a:nvidia:binary_graphics_driver:v8774