
CVE-2006-3739

 

Severity Score

8.4
*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Integer overflow in the CIDAFM function in X.Org 6.8.2 and XFree86 X server allows local users to execute arbitrary code via crafted Adobe Font Metrics (AFM) files with a modified number of character metrics (StartCharMetrics), which leads to a heap-based buffer overflow.


*Credits: N/A
CVSS Scores
  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
  • Confidentiality: High
  • Integrity: High
  • Availability: High

  • Attack Vector: Local
  • Attack Complexity: Low
  • Authentication: None
  • Confidentiality: Complete
  • Integrity: Complete
  • Availability: Complete
* Common Vulnerability Scoring System
SSVC
  • Decision: -
  • Exploitation: -
  • Automatable: -
  • Tech. Impact: -
* Organization's Worst-case Scenario
Timeline
  • 2006-07-20 CVE Reserved
  • 2006-09-13 CVE Published
  • 2024-08-07 CVE Updated
  • 2025-03-30 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
CAPEC
References (41)
URL Tag Source
http://secunia.com/advisories/21864 Third Party Advisory
http://secunia.com/advisories/21889 Third Party Advisory
http://secunia.com/advisories/21890 Third Party Advisory
http://secunia.com/advisories/21894 Third Party Advisory
http://secunia.com/advisories/21900 Third Party Advisory
http://secunia.com/advisories/21904 Third Party Advisory
http://secunia.com/advisories/21908 Third Party Advisory
http://secunia.com/advisories/21924 Third Party Advisory
http://secunia.com/advisories/22080 Third Party Advisory
http://secunia.com/advisories/22141 Third Party Advisory
http://secunia.com/advisories/22332 Third Party Advisory
http://secunia.com/advisories/22560 Third Party Advisory
http://secunia.com/advisories/23033 Third Party Advisory
http://secunia.com/advisories/23899 Third Party Advisory
http://secunia.com/advisories/24636 Third Party Advisory
http://securitytracker.com/id?1016828 Vdb Entry
http://support.avaya.com/elmodocs2/security/ASA-2006-190.htm X_refsource_confirm
http://support.avaya.com/elmodocs2/security/ASA-2006-191.htm X_refsource_confirm
http://www.securityfocus.com/archive/1/445812/100/0/threaded Mailing List
http://www.securityfocus.com/archive/1/464268/100/0/threaded Mailing List
http://www.securityfocus.com/bid/19974 Vdb Entry
http://www.vmware.com/support/esx25/doc/esx-254-200702-patch.html X_refsource_confirm
http://www.vupen.com/english/advisories/2006/3581 Vdb Entry
http://www.vupen.com/english/advisories/2006/3582 Vdb Entry
http://www.vupen.com/english/advisories/2007/0322 Vdb Entry
http://www.vupen.com/english/advisories/2007/1171 Vdb Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/28899 Vdb Entry
https://issues.rpath.com/browse/RPL-614 X_refsource_confirm
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10305 Signature
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status |
|---|---|---|---|---|
| X.org | X.org | 6.8.2 | - | Affected |
| Xfree86 Project | Xfree86 X | * | - | Affected |