Lucene search

[email protected]CVE-2006-4183

HistoryJul 18, 2007 - 11:30 p.m.

CVE-2006-4183

2007-07-1823:30:00

CWE-119

[email protected]

web.nvd.nist.gov

cve

buffer overflow

microsoft directx sdk

security vulnerability

arbitrary code execution

7.8 High

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.874 High

EPSS

Percentile

98.6%

JSON

Heap-based buffer overflow in Microsoft DirectX SDK (February 2006) and probably earlier, including 9.0c End User Runtimes, allows context-dependent attackers to execute arbitrary code via a crafted Targa file with a run-length-encoding (RLE) compression that produces more data than expected when decoding.

CPENameOperatorVersion
microsoft:directx_sdkmicrosoft directx sdkeqfebruary_2006

CPE	Name	Operator	Version
microsoft:directx_sdk	microsoft directx sdk	eq	february_2006

References

labs.idefense.com/intelligence/vulnerabilities/display.php?id=562

secunia.com/advisories/26131

www.reversemode.com/index.php?option=com_remository&Itemid=2&func=fileinfo&id=52

www.securityfocus.com/archive/1/474058/100/0/threaded

www.securityfocus.com/bid/24963

www.securitytracker.com/id?1018420

www.vupen.com/english/advisories/2007/2577

exchange.xforce.ibmcloud.com/vulnerabilities/35492

7.8 High

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.874 High

EPSS

Percentile

98.6%

JSON

Related for CVE-2006-4183

securityvulns3 seebug1 checkpoint_advisories1 cvelist1