Lucene search

[email protected]CVE-2006-4172

HistorySep 26, 2006 - 2:07 a.m.

CVE-2006-4172

2006-09-2602:07:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2006-4172

integer overflow

i386_set_ldt

freebsd

denial of service

arbitrary code

vulnerability

7.7 High

AI Score

Confidence

High

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.001 Low

EPSS

Percentile

24.4%

JSON

Integer overflow vulnerability in the i386_set_ldt call in FreeBSD 5.5, and possibly earlier versions down to 5.2, allows local users to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2006-4178.

CPENameOperatorVersion
freebsd:freebsdfreebsdeq5.2.1
freebsd:freebsdfreebsdeq5.4
freebsd:freebsdfreebsdeq5.3
freebsd:freebsdfreebsdeq5.2
freebsd:freebsdfreebsdle5.5

CPE	Name	Operator	Version
freebsd:freebsd	freebsd	eq	5.2.1
freebsd:freebsd	freebsd	eq	5.4
freebsd:freebsd	freebsd	eq	5.3
freebsd:freebsd	freebsd	eq	5.2
freebsd:freebsd	freebsd	le	5.5

References

archives.neohapsis.com/archives/bugtraq/2006-09/0376.html

secunia.com/advisories/22064

securitytracker.com/id?1016926

securitytracker.com/id?1016928

www.idefense.com/intelligence/vulnerabilities/display.php?id=414

www.securityfocus.com/archive/1/446945/100/0/threaded

www.securityfocus.com/bid/20158

exchange.xforce.ibmcloud.com/vulnerabilities/29132

7.7 High

AI Score

Confidence

High

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.001 Low

EPSS

Percentile

24.4%

JSON

Related for CVE-2006-4172

cve1 securityvulns2