Vulnerability Details : CVE-2005-1036
FreeBSD 5.x to 5.4 on AMD64 does not properly initialize the IO permission bitmap used to allow user access to certain hardware, which allows local users to bypass intended access restrictions to cause a denial of service, obtain sensitive information, and possibly gain privileges.
Vulnerability category: Denial of service
Exploit prediction scoring system (EPSS) score for CVE-2005-1036
Probability of exploitation activity in the next 30 days: 0.04%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 6 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2005-1036
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
7.2
|
HIGH | AV:L/AC:L/Au:N/C:C/I:C/A:C |
3.9
|
10.0
|
NIST |
7.8
|
HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
1.8
|
5.9
|
NIST |
CWE ids for CVE-2005-1036
-
The product does not initialize a critical resource.Assigned by: nvd@nist.gov (Primary)
References for CVE-2005-1036
Products affected by CVE-2005-1036
- cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*