Vulnerability Details : CVE-2006-3740
Integer overflow in the scan_cidfont function in X.Org 6.8.2 and XFree86 X server allows local users to execute arbitrary code via crafted (1) CMap and (2) CIDFont font data with modified item counts in the (a) begincodespacerange, (b) cidrange, and (c) notdefrange sections.
Vulnerability category: OverflowExecute code
Exploit prediction scoring system (EPSS) score for CVE-2006-3740
Probability of exploitation activity in the next 30 days: 0.07%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 27 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2006-3740
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
7.2
|
HIGH | AV:L/AC:L/Au:N/C:C/I:C/A:C |
3.9
|
10.0
|
NIST |
References for CVE-2006-3740
- http://www.vupen.com/english/advisories/2007/0322
-
http://www.idefense.com/intelligence/vulnerabilities/display.php?id=411
Patch;Vendor Advisory
- http://www.securityfocus.com/archive/1/464268/100/0/threaded
- http://www.vmware.com/support/esx25/doc/esx-254-200702-patch.html
- https://issues.rpath.com/browse/RPL-614
-
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9454
- http://www.securityfocus.com/bid/19974
- http://support.avaya.com/elmodocs2/security/ASA-2006-191.htm
- http://www.securityfocus.com/archive/1/445812/100/0/threaded
- http://security.gentoo.org/glsa/glsa-200609-07.xml
-
http://www.redhat.com/support/errata/RHSA-2006-0666.html
Patch;Vendor Advisory
- http://www.vupen.com/english/advisories/2006/3582
- http://www.mandriva.com/security/advisories?name=MDKSA-2006:164
-
http://www.novell.com/linux/security/advisories/2006_23_sr.html
Security - Support | SUSE
-
http://www.redhat.com/support/errata/RHSA-2006-0665.html
Patch;Vendor Advisory
- http://sunsolve.sun.com/search/document.do?assetkey=1-26-102780-1
- http://www.ubuntu.com/usn/usn-344-1
- http://support.avaya.com/elmodocs2/security/ASA-2006-190.htm
- http://www.vupen.com/english/advisories/2006/3581
- http://www.vupen.com/english/advisories/2007/1171
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/28890
- http://www.debian.org/security/2006/dsa-1193
- http://securitytracker.com/id?1016828
Products affected by CVE-2006-3740
- cpe:2.3:a:xfree86_project:xfree86_x:*:*:*:*:*:*:*:*
- cpe:2.3:a:x.org:x.org:6.8.2:*:*:*:*:*:*:*