CVE-2006-5379

The accelerated rendering functionality of NVIDIA Binary Graphics Driver (binary blob driver) For Linux v8774 and v8762, and probably on other operating systems, allows local and remote attackers to execute arbitrary code via a large width value in a font glyph, which can be used to overwrite arbitrary memory locations.

CVSS v2.0 7.5 HIGH

7.5^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 10.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://download2.rapid7.com/r7-0025/
http://download2.rapid7.com/r7-0025/nv_exploit.c	Exploit
http://nvidia.custhelp.com/cgi-bin/nvidia.cfg/php/enduser/std_adp.php?p_faqid=1971
http://secunia.com/advisories/22419	Vendor Advisory
http://secunia.com/advisories/22676
http://secunia.com/advisories/22730
http://secunia.com/advisories/22764
http://secunia.com/advisories/23678
http://security.gentoo.org/glsa/glsa-200611-03.xml
http://securityreason.com/securityalert/1742
http://securitytracker.com/id?1017072
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102693-1
http://www.kb.cert.org/vuls/id/147252	US Government Resource
http://www.mandriva.com/security/advisories?name=MDKSA-2007:007
http://www.rapid7.com/advisories/R7-0025.jsp	Vendor Advisory
http://www.securityfocus.com/archive/1/448860/100/0/threaded
http://www.securityfocus.com/archive/1/451329/100/0/threaded
http://www.securityfocus.com/bid/20559
http://www.ubuntu.com/usn/usn-377-1
http://www.vupen.com/english/advisories/2006/4053
http://www.vupen.com/english/advisories/2006/4328
https://exchange.xforce.ibmcloud.com/vulnerabilities/29622
http://download2.rapid7.com/r7-0025/
http://download2.rapid7.com/r7-0025/nv_exploit.c	Exploit
http://nvidia.custhelp.com/cgi-bin/nvidia.cfg/php/enduser/std_adp.php?p_faqid=1971
http://secunia.com/advisories/22419	Vendor Advisory
http://secunia.com/advisories/22676
http://secunia.com/advisories/22730
http://secunia.com/advisories/22764
http://secunia.com/advisories/23678
http://security.gentoo.org/glsa/glsa-200611-03.xml
http://securityreason.com/securityalert/1742
http://securitytracker.com/id?1017072
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102693-1
http://www.kb.cert.org/vuls/id/147252	US Government Resource
http://www.mandriva.com/security/advisories?name=MDKSA-2007:007
http://www.rapid7.com/advisories/R7-0025.jsp	Vendor Advisory
http://www.securityfocus.com/archive/1/448860/100/0/threaded
http://www.securityfocus.com/archive/1/451329/100/0/threaded
http://www.securityfocus.com/bid/20559
http://www.ubuntu.com/usn/usn-377-1
http://www.vupen.com/english/advisories/2006/4053
http://www.vupen.com/english/advisories/2006/4328
https://exchange.xforce.ibmcloud.com/vulnerabilities/29622

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:nvidia:binary_graphics_driver:v8762::linux:::::
	cpe:2.3:a:nvidia:binary_graphics_driver:v8774::linux:::::

History

21 Nov 2024, 00:18

Information

Published : 2006-10-18 04:06

Updated : 2025-04-09 00:30

NVD link : CVE-2006-5379

Mitre link : CVE-2006-5379

CVE.ORG link : CVE-2006-5379

JSON object : View

Products Affected

nvidia

binary_graphics_driver

CWE

NVD-CWE-Other

7.5 /10