Vulnerability-Lookup

CVE-2006-3740 (GCVE-0-2006-3740)

Vulnerability from cvelistv5 – Published: 2006-09-13 05:00 – Updated: 2024-08-07 18:39

Summary

Integer overflow in the scan_cidfont function in X.Org 6.8.2 and XFree86 X server allows local users to execute arbitrary code via crafted (1) CMap and (2) CIDFont font data with modified item counts in the (a) begincodespacerange, (b) cidrange, and (c) notdefrange sections.

Severity ?

No CVSS data available.

CWE

Assigner

redhat

References

URL

Tags

	http://secunia.com/advisories/23907	third-party-advisoryx_refsource_SECUNIA
	http://www.redhat.com/support/errata/RHSA-2006-06…	vendor-advisoryx_refsource_REDHAT
	http://support.avaya.com/elmodocs2/security/ASA-2…	x_refsource_CONFIRM
	http://secunia.com/advisories/21900	third-party-advisoryx_refsource_SECUNIA
	http://www.mandriva.com/security/advisories?name=…	vendor-advisoryx_refsource_MANDRIVA
	http://secunia.com/advisories/21904	third-party-advisoryx_refsource_SECUNIA
	http://www.novell.com/linux/security/advisories/2…	vendor-advisoryx_refsource_SUSE
	http://secunia.com/advisories/21864	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/21894	third-party-advisoryx_refsource_SECUNIA
	http://www.ubuntu.com/usn/usn-344-1	vendor-advisoryx_refsource_UBUNTU
	http://secunia.com/advisories/21889	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/21908	third-party-advisoryx_refsource_SECUNIA
	http://www.redhat.com/support/errata/RHSA-2006-06…	vendor-advisoryx_refsource_REDHAT
	http://secunia.com/advisories/22141	third-party-advisoryx_refsource_SECUNIA
	http://support.avaya.com/elmodocs2/security/ASA-2…	x_refsource_CONFIRM
	http://www.vupen.com/english/advisories/2007/1171	vdb-entryx_refsource_VUPEN
	http://www.debian.org/security/2006/dsa-1193	vendor-advisoryx_refsource_DEBIAN
	http://secunia.com/advisories/22080	third-party-advisoryx_refsource_SECUNIA
	https://issues.rpath.com/browse/RPL-614	x_refsource_CONFIRM
	http://www.vmware.com/support/esx25/doc/esx-254-2…	x_refsource_CONFIRM
	http://secunia.com/advisories/22332	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/22560	third-party-advisoryx_refsource_SECUNIA
	http://www.securityfocus.com/archive/1/464268/100…	mailing-listx_refsource_BUGTRAQ
	http://secunia.com/advisories/23033	third-party-advisoryx_refsource_SECUNIA
	http://www.securityfocus.com/archive/1/445812/100…	mailing-listx_refsource_BUGTRAQ
	http://www.idefense.com/intelligence/vulnerabilit…	third-party-advisoryx_refsource_IDEFENSE
	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
	http://security.gentoo.org/glsa/glsa-200609-07.xml	vendor-advisoryx_refsource_GENTOO
	http://sunsolve.sun.com/search/document.do?assetk…	vendor-advisoryx_refsource_SUNALERT
	http://secunia.com/advisories/24636	third-party-advisoryx_refsource_SECUNIA
	http://www.vupen.com/english/advisories/2007/0322	vdb-entryx_refsource_VUPEN
	http://secunia.com/advisories/21890	third-party-advisoryx_refsource_SECUNIA
	http://www.securityfocus.com/bid/19974	vdb-entryx_refsource_BID
	http://securitytracker.com/id?1016828	vdb-entryx_refsource_SECTRACK
	http://www.vupen.com/english/advisories/2006/3581	vdb-entryx_refsource_VUPEN
	http://secunia.com/advisories/21924	third-party-advisoryx_refsource_SECUNIA
	http://www.vupen.com/english/advisories/2006/3582	vdb-entryx_refsource_VUPEN
	http://secunia.com/advisories/23899	third-party-advisoryx_refsource_SECUNIA
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T18:39:54.017Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "23907",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/23907"
          },
          {
            "name": "RHSA-2006:0666",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2006-0666.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-191.htm"
          },
          {
            "name": "21900",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/21900"
          },
          {
            "name": "MDKSA-2006:164",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:164"
          },
          {
            "name": "21904",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/21904"
          },
          {
            "name": "SUSE-SR:2006:023",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://www.novell.com/linux/security/advisories/2006_23_sr.html"
          },
          {
            "name": "21864",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/21864"
          },
          {
            "name": "21894",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/21894"
          },
          {
            "name": "USN-344-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/usn-344-1"
          },
          {
            "name": "21889",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/21889"
          },
          {
            "name": "21908",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/21908"
          },
          {
            "name": "RHSA-2006:0665",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2006-0665.html"
          },
          {
            "name": "22141",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/22141"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-190.htm"
          },
          {
            "name": "ADV-2007-1171",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/1171"
          },
          {
            "name": "DSA-1193",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2006/dsa-1193"
          },
          {
            "name": "22080",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/22080"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://issues.rpath.com/browse/RPL-614"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.vmware.com/support/esx25/doc/esx-254-200702-patch.html"
          },
          {
            "name": "22332",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/22332"
          },
          {
            "name": "22560",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/22560"
          },
          {
            "name": "20070330 VMSA-2007-0002 VMware ESX security updates",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/464268/100/0/threaded"
          },
          {
            "name": "23033",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/23033"
          },
          {
            "name": "20060912 rPSA-2006-0167-1 xorg-x11 xorg-x11-fonts xorg-x11-tools xorg-x11-xfs",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/445812/100/0/threaded"
          },
          {
            "name": "20060912 Multiple Vendor X Server CID-keyed Fonts \u0027scan_cidfont()\u0027 Integer Overflow Vulnerability",
            "tags": [
              "third-party-advisory",
              "x_refsource_IDEFENSE",
              "x_transferred"
            ],
            "url": "http://www.idefense.com/intelligence/vulnerabilities/display.php?id=411"
          },
          {
            "name": "oval:org.mitre.oval:def:9454",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9454"
          },
          {
            "name": "GLSA-200609-07",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-200609-07.xml"
          },
          {
            "name": "102780",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUNALERT",
              "x_transferred"
            ],
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102780-1"
          },
          {
            "name": "24636",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/24636"
          },
          {
            "name": "ADV-2007-0322",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/0322"
          },
          {
            "name": "21890",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/21890"
          },
          {
            "name": "19974",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/19974"
          },
          {
            "name": "1016828",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1016828"
          },
          {
            "name": "ADV-2006-3581",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/3581"
          },
          {
            "name": "21924",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/21924"
          },
          {
            "name": "ADV-2006-3582",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/3582"
          },
          {
            "name": "23899",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/23899"
          },
          {
            "name": "xorg-server-scancidfont-overflow(28890)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28890"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2006-09-12T04:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Integer overflow in the scan_cidfont function in X.Org 6.8.2 and XFree86 X server allows local users to execute arbitrary code via crafted (1) CMap and (2) CIDFont font data with modified item counts in the (a) begincodespacerange, (b) cidrange, and (c) notdefrange sections."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-18T00:57:01.000Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "23907",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/23907"
        },
        {
          "name": "RHSA-2006:0666",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2006-0666.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-191.htm"
        },
        {
          "name": "21900",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/21900"
        },
        {
          "name": "MDKSA-2006:164",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:164"
        },
        {
          "name": "21904",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/21904"
        },
        {
          "name": "SUSE-SR:2006:023",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://www.novell.com/linux/security/advisories/2006_23_sr.html"
        },
        {
          "name": "21864",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/21864"
        },
        {
          "name": "21894",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/21894"
        },
        {
          "name": "USN-344-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/usn-344-1"
        },
        {
          "name": "21889",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/21889"
        },
        {
          "name": "21908",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/21908"
        },
        {
          "name": "RHSA-2006:0665",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2006-0665.html"
        },
        {
          "name": "22141",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/22141"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-190.htm"
        },
        {
          "name": "ADV-2007-1171",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/1171"
        },
        {
          "name": "DSA-1193",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2006/dsa-1193"
        },
        {
          "name": "22080",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/22080"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://issues.rpath.com/browse/RPL-614"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.vmware.com/support/esx25/doc/esx-254-200702-patch.html"
        },
        {
          "name": "22332",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/22332"
        },
        {
          "name": "22560",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/22560"
        },
        {
          "name": "20070330 VMSA-2007-0002 VMware ESX security updates",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/464268/100/0/threaded"
        },
        {
          "name": "23033",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/23033"
        },
        {
          "name": "20060912 rPSA-2006-0167-1 xorg-x11 xorg-x11-fonts xorg-x11-tools xorg-x11-xfs",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/445812/100/0/threaded"
        },
        {
          "name": "20060912 Multiple Vendor X Server CID-keyed Fonts \u0027scan_cidfont()\u0027 Integer Overflow Vulnerability",
          "tags": [
            "third-party-advisory",
            "x_refsource_IDEFENSE"
          ],
          "url": "http://www.idefense.com/intelligence/vulnerabilities/display.php?id=411"
        },
        {
          "name": "oval:org.mitre.oval:def:9454",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9454"
        },
        {
          "name": "GLSA-200609-07",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-200609-07.xml"
        },
        {
          "name": "102780",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUNALERT"
          ],
          "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102780-1"
        },
        {
          "name": "24636",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/24636"
        },
        {
          "name": "ADV-2007-0322",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/0322"
        },
        {
          "name": "21890",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/21890"
        },
        {
          "name": "19974",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/19974"
        },
        {
          "name": "1016828",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1016828"
        },
        {
          "name": "ADV-2006-3581",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/3581"
        },
        {
          "name": "21924",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/21924"
        },
        {
          "name": "ADV-2006-3582",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/3582"
        },
        {
          "name": "23899",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/23899"
        },
        {
          "name": "xorg-server-scancidfont-overflow(28890)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28890"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2006-3740",
    "datePublished": "2006-09-13T05:00:00.000Z",
    "dateReserved": "2006-07-20T04:00:00.000Z",
    "dateUpdated": "2024-08-07T18:39:54.017Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CERTA-2007-AVI-154

Vulnerability from certfr_avis - Published: 2007-04-03 - Updated: 2007-04-03

None

Description

De multiples vulnérabilités ont été découvertes dans VMware ESX Server. Ces vulnérabilités peuvent être exploitées par un utilisateur malintentionné afin de conduire des dénis de service, de contourner la politique de sécurité mise en place, ou d'exécuter du code arbitraire à distance afin de prendre le contrôle total de la machine hébergeant le service vulnérable.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	VMware	N/A	VMware ESX Server 2.x ;
	VMware	N/A	VMware ESX Server 3.x.

References

Title

Publication Time

Tags

Bulletin de mise à jour de VMware	None	vendor-advisory
Bulletin de mise à jour de l'éditeur du 30 mars 2007:	-	other
Bulletin de mise à jour de l'éditeur du 30 mars 2007:	-	other
Site de l'éditeur :	-	other
Bulletin de mise à jour de l'éditeur du 30 mars 2007:	-	other
Bulletin de mise à jour de l'éditeur du 30 mars 2007:	-	other
Bulletin de mise à jour de l'éditeur du 30 mars 2007:	-	other
Bulletin de mise à jour de l'éditeur du 30 mars 2007:	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "VMware ESX Server 2.x ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "VMware ESX Server 3.x.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nDe multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans VMware ESX Server.\nCes vuln\u00e9rabilit\u00e9s peuvent \u00eatre exploit\u00e9es par un utilisateur\nmalintentionn\u00e9 afin de conduire des d\u00e9nis de service, de contourner la\npolitique de s\u00e9curit\u00e9 mise en place, ou d\u0027ex\u00e9cuter du code arbitraire \u00e0\ndistance afin de prendre le contr\u00f4le total de la machine h\u00e9bergeant le\nservice vuln\u00e9rable.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2006-4334",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-4334"
    },
    {
      "name": "CVE-2006-4335",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-4335"
    },
    {
      "name": "CVE-2006-3740",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-3740"
    },
    {
      "name": "CVE-2006-4336",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-4336"
    },
    {
      "name": "CVE-2006-3739",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-3739"
    },
    {
      "name": "CVE-2006-4337",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-4337"
    },
    {
      "name": "CVE-2006-4338",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-4338"
    },
    {
      "name": "CVE-2006-6097",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-6097"
    }
  ],
  "initial_release_date": "2007-04-03T00:00:00",
  "last_revision_date": "2007-04-03T00:00:00",
  "links": [
    {
      "title": "Bulletin de mise \u00e0 jour de l\u0027\u00e9diteur du 30 mars 2007:",
      "url": "http://kb.vmware.com/kb/3496682"
    },
    {
      "title": "Bulletin de mise \u00e0 jour de l\u0027\u00e9diteur du 30 mars 2007:",
      "url": "http://kb.vmware.com/kb/5031800"
    },
    {
      "title": "Site de l\u0027\u00e9diteur :",
      "url": "http://www.vmware.com"
    },
    {
      "title": "Bulletin de mise \u00e0 jour de l\u0027\u00e9diteur du 30 mars 2007:",
      "url": "http://kb.vmware.com/kb/3194055"
    },
    {
      "title": "Bulletin de mise \u00e0 jour de l\u0027\u00e9diteur du 30 mars 2007:",
      "url": "http://kb.vmware.com/kb/3003211"
    },
    {
      "title": "Bulletin de mise \u00e0 jour de l\u0027\u00e9diteur du 30 mars 2007:",
      "url": "http://kb.vmware.com/kb/6856573"
    },
    {
      "title": "Bulletin de mise \u00e0 jour de l\u0027\u00e9diteur du 30 mars 2007:",
      "url": "http://kb.vmware.com/kb/5885387"
    }
  ],
  "reference": "CERTA-2007-AVI-154",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2007-04-03T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": null,
  "title": "Multiples vuln\u00e9rabilit\u00e9s de VMware ESX Server",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de mise \u00e0 jour de VMware",
      "url": null
    }
  ]
}

CERTA-2006-AVI-397

Vulnerability from certfr_avis - Published: 2006-09-14 - Updated: 2006-12-18

None

Description

Des vulnérabilités ont été identifiées dans les services graphiques X.Org X11 et XFree86. Ils ne manipuleraient pas correctement des caractères CID (pour Character IDentifier) de Type 1. Les fonctions mises en cause sont :

Type1/scanfont.c
Type1/afm.c

Il est cependant possible de restreindre les formats de caractères dans le fichier de configuration de ces applications (par exemple dans : /etc/X11/xorg.conf) en activant le seul module freetype, et en désactivant le module posant problème type1.

Un utilisateur local au système pourrait exploiter ces vulnérabilités, sous certaines conditions, en obligeant le serveur X.Org X11 ou XFree86 à interpréter les caractères impliqués. Il pourrait alors provoquer un déni de service ou exécuter des commandes arbitraires sur le système vulnérable avec les droits du serveur (souvent associés à ceux de l'administrateur).

Solution

Se référer au bulletin de sécurité des éditeurs pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
N/A	N/A	X.Org X11 6.8.2 ;
N/A	N/A	X.Org X11 7.1 ;
N/A	N/A	XFree86 4.6.0.
N/A	N/A	X.Org X11 7.0 ;
N/A	N/A	X.Org X11 6.9.0 ;

References

Title

Publication Time

Tags

Bulletin de sécurité RedHat RHSA-2006-0665 du 12 septembre 2006	None	vendor-advisory
Avis de sécurité X.Org du 12 septembre 2006 :	-	other
Bulletin de sécurité Gentoo GLSA-200609-07 du 13 septembre 2006 :	-	other
Mises à jour de XFree86 :	-	other
Bulletin de sécurité Ubuntu USN-344-1 du 12 septembre 2006 :	-	other
Bulletin de sécurité Avaya ASA-2006-190 du 26 septembre 2006 :	-	other
Bulletin de sécurité RedHat RHSA-2006:0665 du 12 septembre 2006 :	-	other
Bulletin de sécurité Avaya ASA-2006-191 du 23 octobre 2006 :	-	other
Bulletin de sécurité Mandriva MDKSA-2006:164 du 14 septembre 2006 :	-	other
Bulletin de sécurité RedHat RHSA-2006:0666 du 12 septembre 2006 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "X.Org X11 6.8.2 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "X.Org X11 7.1 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "XFree86 4.6.0.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "X.Org X11 7.0 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "X.Org X11 6.9.0 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nDes vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 identifi\u00e9es dans les services graphiques\nX.Org X11 et XFree86. Ils ne manipuleraient pas correctement des\ncaract\u00e8res CID (pour Character IDentifier) de Type 1. Les fonctions\nmises en cause sont :\n\n-   Type1/scanfont.c\n-   Type1/afm.c\n\nIl est cependant possible de restreindre les formats de caract\u00e8res dans\nle fichier de configuration de ces applications (par exemple dans :\n/etc/X11/xorg.conf) en activant le seul module freetype, et en\nd\u00e9sactivant le module posant probl\u00e8me type1.\n\nUn utilisateur local au syst\u00e8me pourrait exploiter ces vuln\u00e9rabilit\u00e9s,\nsous certaines conditions, en obligeant le serveur X.Org X11 ou XFree86\n\u00e0 interpr\u00e9ter les caract\u00e8res impliqu\u00e9s. Il pourrait alors provoquer un\nd\u00e9ni de service ou ex\u00e9cuter des commandes arbitraires sur le syst\u00e8me\nvuln\u00e9rable avec les droits du serveur (souvent associ\u00e9s \u00e0 ceux de\nl\u0027administrateur).\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 des \u00e9diteurs pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2006-3740",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-3740"
    },
    {
      "name": "CVE-2006-3739",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-3739"
    }
  ],
  "initial_release_date": "2006-09-14T00:00:00",
  "last_revision_date": "2006-12-18T00:00:00",
  "links": [
    {
      "title": "Avis de s\u00e9curit\u00e9 X.Org du 12 septembre 2006 :",
      "url": "http://wiki.x.org/wiki/SecurityPage"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Gentoo GLSA-200609-07 du 13 septembre    2006 :",
      "url": "http://www.gentoo.org/security/en/glsa-200609-07.xml"
    },
    {
      "title": "Mises \u00e0 jour de XFree86 :",
      "url": "http://www.xfree86.org/releases/rel460.html"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-344-1 du 12 septembre 2006    :",
      "url": "http://www.ubuntu.com/usn/usn-344-1"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Avaya ASA-2006-190 du 26 septembre    2006 :",
      "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-190.html"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 RedHat RHSA-2006:0665 du 12 septembre    2006 :",
      "url": "http://rhn.redhat.com/errata/RHSA-2006-0665.html"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Avaya ASA-2006-191 du 23 octobre 2006    :",
      "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-191.html"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Mandriva MDKSA-2006:164 du 14    septembre 2006 :",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:164"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 RedHat RHSA-2006:0666 du 12 septembre    2006 :",
      "url": "http://rhn.redhat.com/errata/RHSA-2006-0666.html"
    }
  ],
  "reference": "CERTA-2006-AVI-397",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2006-09-14T00:00:00.000000"
    },
    {
      "description": "ajout de la r\u00e9f\u00e9rence au bulletin de s\u00e9curit\u00e9 Avaya.",
      "revision_date": "2006-10-25T00:00:00.000000"
    },
    {
      "description": "ajout des r\u00e9f\u00e9rences aux bulletins de s\u00e9curit\u00e9 Avaya, Red Hat et Gentoo.",
      "revision_date": "2006-12-18T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire"
    },
    {
      "description": "D\u00e9ni de service"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": null,
  "title": "Plusieurs vuln\u00e9rabilit\u00e9s dans X.org X11 et XFree86",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 RedHat RHSA-2006-0665 du 12 septembre 2006",
      "url": null
    }
  ]
}

FKIE_CVE-2006-3740

Vulnerability from fkie_nvd - Published: 2006-09-13 01:07 - Updated: 2025-04-03 01:03

Severity ?

Summary

References

URL	Tags
secalert@redhat.com	http://secunia.com/advisories/21864
secalert@redhat.com	http://secunia.com/advisories/21889
secalert@redhat.com	http://secunia.com/advisories/21890
secalert@redhat.com	http://secunia.com/advisories/21894
secalert@redhat.com	http://secunia.com/advisories/21900
secalert@redhat.com	http://secunia.com/advisories/21904
secalert@redhat.com	http://secunia.com/advisories/21908
secalert@redhat.com	http://secunia.com/advisories/21924
secalert@redhat.com	http://secunia.com/advisories/22080
secalert@redhat.com	http://secunia.com/advisories/22141
secalert@redhat.com	http://secunia.com/advisories/22332
secalert@redhat.com	http://secunia.com/advisories/22560
secalert@redhat.com	http://secunia.com/advisories/23033
secalert@redhat.com	http://secunia.com/advisories/23899
secalert@redhat.com	http://secunia.com/advisories/23907
secalert@redhat.com	http://secunia.com/advisories/24636
secalert@redhat.com	http://security.gentoo.org/glsa/glsa-200609-07.xml
secalert@redhat.com	http://securitytracker.com/id?1016828
secalert@redhat.com	http://sunsolve.sun.com/search/document.do?assetkey=1-26-102780-1
secalert@redhat.com	http://support.avaya.com/elmodocs2/security/ASA-2006-190.htm
secalert@redhat.com	http://support.avaya.com/elmodocs2/security/ASA-2006-191.htm
secalert@redhat.com	http://www.debian.org/security/2006/dsa-1193
secalert@redhat.com	http://www.idefense.com/intelligence/vulnerabilities/display.php?id=411	Patch, Vendor Advisory
secalert@redhat.com	http://www.mandriva.com/security/advisories?name=MDKSA-2006:164
secalert@redhat.com	http://www.novell.com/linux/security/advisories/2006_23_sr.html
secalert@redhat.com	http://www.redhat.com/support/errata/RHSA-2006-0665.html	Patch, Vendor Advisory
secalert@redhat.com	http://www.redhat.com/support/errata/RHSA-2006-0666.html	Patch, Vendor Advisory
secalert@redhat.com	http://www.securityfocus.com/archive/1/445812/100/0/threaded
secalert@redhat.com	http://www.securityfocus.com/archive/1/464268/100/0/threaded
secalert@redhat.com	http://www.securityfocus.com/bid/19974
secalert@redhat.com	http://www.ubuntu.com/usn/usn-344-1
secalert@redhat.com	http://www.vmware.com/support/esx25/doc/esx-254-200702-patch.html
secalert@redhat.com	http://www.vupen.com/english/advisories/2006/3581
secalert@redhat.com	http://www.vupen.com/english/advisories/2006/3582
secalert@redhat.com	http://www.vupen.com/english/advisories/2007/0322
secalert@redhat.com	http://www.vupen.com/english/advisories/2007/1171
secalert@redhat.com	https://exchange.xforce.ibmcloud.com/vulnerabilities/28890
secalert@redhat.com	https://issues.rpath.com/browse/RPL-614
secalert@redhat.com	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9454
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/21864
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/21889
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/21890
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/21894
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/21900
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/21904
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/21908
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/21924
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/22080
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/22141
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/22332
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/22560
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/23033
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/23899
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/23907
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/24636
af854a3a-2127-422b-91ae-364da2661108	http://security.gentoo.org/glsa/glsa-200609-07.xml
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1016828
af854a3a-2127-422b-91ae-364da2661108	http://sunsolve.sun.com/search/document.do?assetkey=1-26-102780-1
af854a3a-2127-422b-91ae-364da2661108	http://support.avaya.com/elmodocs2/security/ASA-2006-190.htm
af854a3a-2127-422b-91ae-364da2661108	http://support.avaya.com/elmodocs2/security/ASA-2006-191.htm
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2006/dsa-1193
af854a3a-2127-422b-91ae-364da2661108	http://www.idefense.com/intelligence/vulnerabilities/display.php?id=411	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDKSA-2006:164
af854a3a-2127-422b-91ae-364da2661108	http://www.novell.com/linux/security/advisories/2006_23_sr.html
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2006-0665.html	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2006-0666.html	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/445812/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/464268/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/19974
af854a3a-2127-422b-91ae-364da2661108	http://www.ubuntu.com/usn/usn-344-1
af854a3a-2127-422b-91ae-364da2661108	http://www.vmware.com/support/esx25/doc/esx-254-200702-patch.html
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2006/3581
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2006/3582
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2007/0322
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2007/1171
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/28890
af854a3a-2127-422b-91ae-364da2661108	https://issues.rpath.com/browse/RPL-614
af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9454

Impacted products

	Vendor	Product	Version
	x.org	x.org	6.8.2
	xfree86_project	xfree86_x	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:x.org:x.org:6.8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F86D1247-A4A5-4868-9A58-1905E34240A5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xfree86_project:xfree86_x:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C7695FA-5B00-4175-88A8-B71091E4653A",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Integer overflow in the scan_cidfont function in X.Org 6.8.2 and XFree86 X server allows local users to execute arbitrary code via crafted (1) CMap and (2) CIDFont font data with modified item counts in the (a) begincodespacerange, (b) cidrange, and (c) notdefrange sections."
    },
    {
      "lang": "es",
      "value": "Desbordamiento de entero en la funci\u00f3n scan_cidfont en X.Org 6.8.2 and XFree86 X server , permite a un usuario local ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de la fuentes de datos(1) CMap y (2)CIDFont con contadores modificados en las secciones  (a) begincodespacerange, (b) cidrange, y (c) notdefrange"
    }
  ],
  "id": "CVE-2006-3740",
  "lastModified": "2025-04-03T01:03:51.193",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.2,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2006-09-13T01:07:00.000",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/21864"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/21889"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/21890"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/21894"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/21900"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/21904"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/21908"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/21924"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/22080"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/22141"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/22332"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/22560"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/23033"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/23899"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/23907"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/24636"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://security.gentoo.org/glsa/glsa-200609-07.xml"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://securitytracker.com/id?1016828"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102780-1"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-190.htm"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-191.htm"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2006/dsa-1193"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.idefense.com/intelligence/vulnerabilities/display.php?id=411"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:164"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.novell.com/linux/security/advisories/2006_23_sr.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0665.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0666.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/445812/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/464268/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/bid/19974"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.ubuntu.com/usn/usn-344-1"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vmware.com/support/esx25/doc/esx-254-200702-patch.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2006/3581"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2006/3582"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2007/0322"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2007/1171"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28890"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://issues.rpath.com/browse/RPL-614"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9454"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/21864"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/21889"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/21890"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/21894"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/21900"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/21904"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/21908"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/21924"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/22080"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/22141"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/22332"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/22560"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/23033"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/23899"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/23907"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/24636"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://security.gentoo.org/glsa/glsa-200609-07.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1016828"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102780-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-190.htm"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-191.htm"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2006/dsa-1193"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.idefense.com/intelligence/vulnerabilities/display.php?id=411"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:164"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.novell.com/linux/security/advisories/2006_23_sr.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0665.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0666.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/445812/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/464268/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/19974"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ubuntu.com/usn/usn-344-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vmware.com/support/esx25/doc/esx-254-200702-patch.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2006/3581"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2006/3582"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2007/0322"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2007/1171"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28890"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://issues.rpath.com/browse/RPL-614"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9454"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GHSA-GPR2-3WWV-WVMR

Vulnerability from github – Published: 2022-05-01 07:12 – Updated: 2022-05-01 07:12

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2006-3740"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2006-09-13T01:07:00Z",
    "severity": "HIGH"
  },
  "details": "Integer overflow in the scan_cidfont function in X.Org 6.8.2 and XFree86 X server allows local users to execute arbitrary code via crafted (1) CMap and (2) CIDFont font data with modified item counts in the (a) begincodespacerange, (b) cidrange, and (c) notdefrange sections.",
  "id": "GHSA-gpr2-3wwv-wvmr",
  "modified": "2022-05-01T07:12:03Z",
  "published": "2022-05-01T07:12:03Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-3740"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28890"
    },
    {
      "type": "WEB",
      "url": "https://issues.rpath.com/browse/RPL-614"
    },
    {
      "type": "WEB",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9454"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/21864"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/21889"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/21890"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/21894"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/21900"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/21904"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/21908"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/21924"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/22080"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/22141"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/22332"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/22560"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/23033"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/23899"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/23907"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/24636"
    },
    {
      "type": "WEB",
      "url": "http://security.gentoo.org/glsa/glsa-200609-07.xml"
    },
    {
      "type": "WEB",
      "url": "http://securitytracker.com/id?1016828"
    },
    {
      "type": "WEB",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102780-1"
    },
    {
      "type": "WEB",
      "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-190.htm"
    },
    {
      "type": "WEB",
      "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-191.htm"
    },
    {
      "type": "WEB",
      "url": "http://www.debian.org/security/2006/dsa-1193"
    },
    {
      "type": "WEB",
      "url": "http://www.idefense.com/intelligence/vulnerabilities/display.php?id=411"
    },
    {
      "type": "WEB",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:164"
    },
    {
      "type": "WEB",
      "url": "http://www.novell.com/linux/security/advisories/2006_23_sr.html"
    },
    {
      "type": "WEB",
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0665.html"
    },
    {
      "type": "WEB",
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0666.html"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/445812/100/0/threaded"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/464268/100/0/threaded"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/19974"
    },
    {
      "type": "WEB",
      "url": "http://www.ubuntu.com/usn/usn-344-1"
    },
    {
      "type": "WEB",
      "url": "http://www.vmware.com/support/esx25/doc/esx-254-200702-patch.html"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2006/3581"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2006/3582"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2007/0322"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2007/1171"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GSD-2006-3740

Vulnerability from gsd - Updated: 2023-12-13 01:19

Details

Aliases

CVE-2006-3740

Aliases

CVE-2006-3740

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2006-3740",
    "description": "Integer overflow in the scan_cidfont function in X.Org 6.8.2 and XFree86 X server allows local users to execute arbitrary code via crafted (1) CMap and (2) CIDFont font data with modified item counts in the (a) begincodespacerange, (b) cidrange, and (c) notdefrange sections.",
    "id": "GSD-2006-3740",
    "references": [
      "https://www.suse.com/security/cve/CVE-2006-3740.html",
      "https://www.debian.org/security/2006/dsa-1193",
      "https://access.redhat.com/errata/RHSA-2006:0666",
      "https://access.redhat.com/errata/RHSA-2006:0665",
      "https://linux.oracle.com/cve/CVE-2006-3740.html"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2006-3740"
      ],
      "details": "Integer overflow in the scan_cidfont function in X.Org 6.8.2 and XFree86 X server allows local users to execute arbitrary code via crafted (1) CMap and (2) CIDFont font data with modified item counts in the (a) begincodespacerange, (b) cidrange, and (c) notdefrange sections.",
      "id": "GSD-2006-3740",
      "modified": "2023-12-13T01:19:57.840461Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "secalert@redhat.com",
        "ID": "CVE-2006-3740",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Integer overflow in the scan_cidfont function in X.Org 6.8.2 and XFree86 X server allows local users to execute arbitrary code via crafted (1) CMap and (2) CIDFont font data with modified item counts in the (a) begincodespacerange, (b) cidrange, and (c) notdefrange sections."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "http://secunia.com/advisories/24636",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/24636"
          },
          {
            "name": "http://www.securityfocus.com/archive/1/464268/100/0/threaded",
            "refsource": "MISC",
            "url": "http://www.securityfocus.com/archive/1/464268/100/0/threaded"
          },
          {
            "name": "http://www.vmware.com/support/esx25/doc/esx-254-200702-patch.html",
            "refsource": "MISC",
            "url": "http://www.vmware.com/support/esx25/doc/esx-254-200702-patch.html"
          },
          {
            "name": "http://www.vupen.com/english/advisories/2007/1171",
            "refsource": "MISC",
            "url": "http://www.vupen.com/english/advisories/2007/1171"
          },
          {
            "name": "http://secunia.com/advisories/22080",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/22080"
          },
          {
            "name": "http://www.novell.com/linux/security/advisories/2006_23_sr.html",
            "refsource": "MISC",
            "url": "http://www.novell.com/linux/security/advisories/2006_23_sr.html"
          },
          {
            "name": "http://secunia.com/advisories/21864",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/21864"
          },
          {
            "name": "http://secunia.com/advisories/21889",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/21889"
          },
          {
            "name": "http://secunia.com/advisories/21890",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/21890"
          },
          {
            "name": "http://secunia.com/advisories/21894",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/21894"
          },
          {
            "name": "http://secunia.com/advisories/21900",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/21900"
          },
          {
            "name": "http://secunia.com/advisories/21904",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/21904"
          },
          {
            "name": "http://secunia.com/advisories/21908",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/21908"
          },
          {
            "name": "http://secunia.com/advisories/21924",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/21924"
          },
          {
            "name": "http://secunia.com/advisories/22141",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/22141"
          },
          {
            "name": "http://secunia.com/advisories/22332",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/22332"
          },
          {
            "name": "http://secunia.com/advisories/22560",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/22560"
          },
          {
            "name": "http://secunia.com/advisories/23033",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/23033"
          },
          {
            "name": "http://secunia.com/advisories/23899",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/23899"
          },
          {
            "name": "http://security.gentoo.org/glsa/glsa-200609-07.xml",
            "refsource": "MISC",
            "url": "http://security.gentoo.org/glsa/glsa-200609-07.xml"
          },
          {
            "name": "http://securitytracker.com/id?1016828",
            "refsource": "MISC",
            "url": "http://securitytracker.com/id?1016828"
          },
          {
            "name": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102780-1",
            "refsource": "MISC",
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102780-1"
          },
          {
            "name": "http://support.avaya.com/elmodocs2/security/ASA-2006-190.htm",
            "refsource": "MISC",
            "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-190.htm"
          },
          {
            "name": "http://support.avaya.com/elmodocs2/security/ASA-2006-191.htm",
            "refsource": "MISC",
            "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-191.htm"
          },
          {
            "name": "http://www.debian.org/security/2006/dsa-1193",
            "refsource": "MISC",
            "url": "http://www.debian.org/security/2006/dsa-1193"
          },
          {
            "name": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:164",
            "refsource": "MISC",
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:164"
          },
          {
            "name": "http://www.redhat.com/support/errata/RHSA-2006-0665.html",
            "refsource": "MISC",
            "url": "http://www.redhat.com/support/errata/RHSA-2006-0665.html"
          },
          {
            "name": "http://www.redhat.com/support/errata/RHSA-2006-0666.html",
            "refsource": "MISC",
            "url": "http://www.redhat.com/support/errata/RHSA-2006-0666.html"
          },
          {
            "name": "http://www.securityfocus.com/archive/1/445812/100/0/threaded",
            "refsource": "MISC",
            "url": "http://www.securityfocus.com/archive/1/445812/100/0/threaded"
          },
          {
            "name": "http://www.securityfocus.com/bid/19974",
            "refsource": "MISC",
            "url": "http://www.securityfocus.com/bid/19974"
          },
          {
            "name": "http://www.ubuntu.com/usn/usn-344-1",
            "refsource": "MISC",
            "url": "http://www.ubuntu.com/usn/usn-344-1"
          },
          {
            "name": "http://www.vupen.com/english/advisories/2006/3581",
            "refsource": "MISC",
            "url": "http://www.vupen.com/english/advisories/2006/3581"
          },
          {
            "name": "http://www.vupen.com/english/advisories/2006/3582",
            "refsource": "MISC",
            "url": "http://www.vupen.com/english/advisories/2006/3582"
          },
          {
            "name": "http://www.vupen.com/english/advisories/2007/0322",
            "refsource": "MISC",
            "url": "http://www.vupen.com/english/advisories/2007/0322"
          },
          {
            "name": "https://issues.rpath.com/browse/RPL-614",
            "refsource": "MISC",
            "url": "https://issues.rpath.com/browse/RPL-614"
          },
          {
            "name": "http://secunia.com/advisories/23907",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/23907"
          },
          {
            "name": "http://www.idefense.com/intelligence/vulnerabilities/display.php?id=411",
            "refsource": "MISC",
            "url": "http://www.idefense.com/intelligence/vulnerabilities/display.php?id=411"
          },
          {
            "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28890",
            "refsource": "MISC",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28890"
          },
          {
            "name": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9454",
            "refsource": "MISC",
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9454"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:x.org:x.org:6.8.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:xfree86_project:xfree86_x:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2006-3740"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Integer overflow in the scan_cidfont function in X.Org 6.8.2 and XFree86 X server allows local users to execute arbitrary code via crafted (1) CMap and (2) CIDFont font data with modified item counts in the (a) begincodespacerange, (b) cidrange, and (c) notdefrange sections."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "NVD-CWE-Other"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20060912 Multiple Vendor X Server CID-keyed Fonts \u0027scan_cidfont()\u0027 Integer Overflow Vulnerability",
              "refsource": "IDEFENSE",
              "tags": [
                "Patch",
                "Vendor Advisory"
              ],
              "url": "http://www.idefense.com/intelligence/vulnerabilities/display.php?id=411"
            },
            {
              "name": "RHSA-2006:0665",
              "refsource": "REDHAT",
              "tags": [
                "Patch",
                "Vendor Advisory"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2006-0665.html"
            },
            {
              "name": "RHSA-2006:0666",
              "refsource": "REDHAT",
              "tags": [
                "Patch",
                "Vendor Advisory"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2006-0666.html"
            },
            {
              "name": "GLSA-200609-07",
              "refsource": "GENTOO",
              "tags": [],
              "url": "http://security.gentoo.org/glsa/glsa-200609-07.xml"
            },
            {
              "name": "USN-344-1",
              "refsource": "UBUNTU",
              "tags": [],
              "url": "http://www.ubuntu.com/usn/usn-344-1"
            },
            {
              "name": "19974",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/19974"
            },
            {
              "name": "21864",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/21864"
            },
            {
              "name": "21889",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/21889"
            },
            {
              "name": "21890",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/21890"
            },
            {
              "name": "21894",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/21894"
            },
            {
              "name": "21900",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/21900"
            },
            {
              "name": "21904",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/21904"
            },
            {
              "name": "1016828",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://securitytracker.com/id?1016828"
            },
            {
              "name": "21908",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/21908"
            },
            {
              "name": "21924",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/21924"
            },
            {
              "name": "SUSE-SR:2006:023",
              "refsource": "SUSE",
              "tags": [],
              "url": "http://www.novell.com/linux/security/advisories/2006_23_sr.html"
            },
            {
              "name": "http://support.avaya.com/elmodocs2/security/ASA-2006-190.htm",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-190.htm"
            },
            {
              "name": "22141",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/22141"
            },
            {
              "name": "DSA-1193",
              "refsource": "DEBIAN",
              "tags": [],
              "url": "http://www.debian.org/security/2006/dsa-1193"
            },
            {
              "name": "22332",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/22332"
            },
            {
              "name": "http://support.avaya.com/elmodocs2/security/ASA-2006-191.htm",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-191.htm"
            },
            {
              "name": "22560",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/22560"
            },
            {
              "name": "23033",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/23033"
            },
            {
              "name": "22080",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/22080"
            },
            {
              "name": "https://issues.rpath.com/browse/RPL-614",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "https://issues.rpath.com/browse/RPL-614"
            },
            {
              "name": "102780",
              "refsource": "SUNALERT",
              "tags": [],
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102780-1"
            },
            {
              "name": "23899",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/23899"
            },
            {
              "name": "23907",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/23907"
            },
            {
              "name": "http://www.vmware.com/support/esx25/doc/esx-254-200702-patch.html",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://www.vmware.com/support/esx25/doc/esx-254-200702-patch.html"
            },
            {
              "name": "24636",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/24636"
            },
            {
              "name": "MDKSA-2006:164",
              "refsource": "MANDRIVA",
              "tags": [],
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:164"
            },
            {
              "name": "ADV-2007-0322",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2007/0322"
            },
            {
              "name": "ADV-2006-3582",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2006/3582"
            },
            {
              "name": "ADV-2007-1171",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2007/1171"
            },
            {
              "name": "ADV-2006-3581",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2006/3581"
            },
            {
              "name": "xorg-server-scancidfont-overflow(28890)",
              "refsource": "XF",
              "tags": [],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28890"
            },
            {
              "name": "oval:org.mitre.oval:def:9454",
              "refsource": "OVAL",
              "tags": [],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9454"
            },
            {
              "name": "20070330 VMSA-2007-0002 VMware ESX security updates",
              "refsource": "BUGTRAQ",
              "tags": [],
              "url": "http://www.securityfocus.com/archive/1/464268/100/0/threaded"
            },
            {
              "name": "20060912 rPSA-2006-0167-1 xorg-x11 xorg-x11-fonts xorg-x11-tools xorg-x11-xfs",
              "refsource": "BUGTRAQ",
              "tags": [],
              "url": "http://www.securityfocus.com/archive/1/445812/100/0/threaded"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.2,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 10.0,
          "obtainAllPrivilege": true,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2018-10-17T21:29Z",
      "publishedDate": "2006-09-13T01:07Z"
    }
  }
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2006-3740 (GCVE-0-2006-3740)

CERTA-2007-AVI-154

Description

Solution

CERTA-2006-AVI-397

Description

Solution

FKIE_CVE-2006-3740

GHSA-GPR2-3WWV-WVMR

GSD-2006-3740

Tags

Sightings

Nomenclature