Lucene search

[email protected]CVE-2006-0045

HistoryJan 20, 2006 - 9:03 p.m.

CVE-2006-0045

2006-01-2021:03:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2006-0045

crawl

game save

game load

local privilege escalation

security vulnerability

nvd

6.7 Medium

AI Score

Confidence

Low

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.001 Low

EPSS

Percentile

24.4%

JSON

crawl before 4.0.0 does not securely call programs when saving and loading games, which allows local users to gain privileges.

CPENameOperatorVersion
linley_henzell:dungeon_crawllinley henzell dungeon crawleq4.0.0_b23

CPE	Name	Operator	Version
linley_henzell:dungeon_crawl	linley henzell dungeon crawl	eq	4.0.0_b23

References

secunia.com/advisories/18545

secunia.com/advisories/18573

www.debian.org/security/2006/dsa-949

www.osvdb.org/22690

www.securityfocus.com/bid/16337

www.vupen.com/english/advisories/2006/0303

exchange.xforce.ibmcloud.com/vulnerabilities/24262

6.7 Medium

AI Score

Confidence

Low

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.001 Low

EPSS

Percentile

24.4%

JSON

Related for CVE-2006-0045

nessus1 ubuntucve1 prion1 debiancve1 openvas1