// For flags

CVE-2006-6101

 

Severity Score

6.6
*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Integer overflow in the ProcRenderAddGlyphs function in the Render extension for X.Org 6.8.2, 6.9.0, 7.0, and 7.1, and XFree86 X server, allows local users to execute arbitrary code via a crafted X protocol request that triggers memory corruption during processing of glyph management data structures.

Desbordamiento de Entero en la función ProcRenderAddGlyphs en la extensión Render para X.Org 6.8.2, 6.9.0, 7.0, y 7.1, y Servidor XFree86 X, permite a atacantes remotos ejecutar código de su elección mediante una petición de protocolo X manipulada que dispara corrupción de memoria durante el procesado del manejo de estructuras de datos para la representación física de caracteres.

*Credits: N/A
CVSS Scores
Attack Vector
Local
Attack Complexity
Medium
Authentication
Single
Confidentiality
Complete
Integrity
Complete
Availability
Complete
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2006-11-24 CVE Reserved
  • 2006-12-31 CVE Published
  • 2024-06-03 EPSS Updated
  • 2024-08-07 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
CAPEC
References (42)
URL Tag Source
http://osvdb.org/32084 Vdb Entry
http://secunia.com/advisories/23633 Third Party Advisory
http://secunia.com/advisories/23670 Third Party Advisory
http://secunia.com/advisories/23684 Third Party Advisory
http://secunia.com/advisories/23689 Third Party Advisory
http://secunia.com/advisories/23698 Third Party Advisory
http://secunia.com/advisories/23705 Third Party Advisory
http://secunia.com/advisories/23758 Third Party Advisory
http://secunia.com/advisories/23789 Third Party Advisory
http://secunia.com/advisories/23966 Third Party Advisory
http://secunia.com/advisories/24168 Third Party Advisory
http://secunia.com/advisories/24210 Third Party Advisory
http://secunia.com/advisories/24247 Third Party Advisory
http://secunia.com/advisories/24401 Third Party Advisory
http://secunia.com/advisories/25802 Third Party Advisory
http://securitytracker.com/id?1017495 Vdb Entry
http://support.avaya.com/elmodocs2/security/ASA-2007-066.htm X_refsource_confirm
http://support.avaya.com/elmodocs2/security/ASA-2007-074.htm X_refsource_confirm
http://www.securityfocus.com/bid/21968 Vdb Entry
http://www.vupen.com/english/advisories/2007/0108 Vdb Entry
http://www.vupen.com/english/advisories/2007/0109 Vdb Entry
http://www.vupen.com/english/advisories/2007/0589 Vdb Entry
http://www.vupen.com/english/advisories/2007/0669 Vdb Entry
http://www.vupen.com/english/advisories/2007/2233 Vdb Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/31337 Vdb Entry
https://issues.rpath.com/browse/RPL-920 X_refsource_confirm
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10490 Signature
URL Date SRC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
X.org
Search vendor "X.org"
X.org
Search vendor "X.org" for product "X.org"
6.8.2
Search vendor "X.org" for product "X.org" and version "6.8.2"
-
Affected
X.org
Search vendor "X.org"
X.org
Search vendor "X.org" for product "X.org"
6.9.0
Search vendor "X.org" for product "X.org" and version "6.9.0"
-
Affected
X.org
Search vendor "X.org"
X.org
Search vendor "X.org" for product "X.org"
7.0
Search vendor "X.org" for product "X.org" and version "7.0"
-
Affected
X.org
Search vendor "X.org"
X.org
Search vendor "X.org" for product "X.org"
7.1
Search vendor "X.org" for product "X.org" and version "7.1"
-
Affected
Xfree86 Project
Search vendor "Xfree86 Project"
Xfree86
Search vendor "Xfree86 Project" for product "Xfree86"
*-
Affected