Details of VAR-200601-0231

ID

VAR-200601-0231

CVE

CVE-2006-0081

TITLE

Intel Graphics Accelerator Drives Remote Denial of Service Vulnerability

Trust: 0.6

sources: CNNVD: CNNVD-200601-017

DESCRIPTION

ialmnt5.sys in the ialmrnt5 display driver in Intel Graphics Accelerator Driver 6.14.10.4308 allows attackers to cause a denial of service (crash or screen resolution change) via a long text field, as demonstrated using a long window title. This issue allows attackers to crash the display manager on Microsoft Windows XP, or cause a complete system crash on computers running Microsoft Windows 2000. Other operating systems where the affected display driver is available are also likely affected. Version 6.14.10.4308 of the Intel Graphics Accelerator driver is considered vulnerable to this issue. Other versions may also be affected. This issue will be updated as further information becomes available. This issue may be related to the one described in BID 10913 (Microsoft Windows Large Image Processing Remote Denial Of Service Vulnerability), but this has not been confirmed. Attempting to parse very long text in Mozilla Firefox triggers a buffer overflow that crashes the Windows Display Manager. This can potentially be exploited to cause a DoS e.g. by tricking a user to open a window to an overly long URL with the browser. Successful exploitation may cause the system to restart or cause the system to revert to a low resolution display mode. The vulnerability has been confirmed in version 6.14.10.4308. SOLUTION: Do not visit non-trusted websites or open non-trusted files. PROVIDED AND/OR DISCOVERED BY: $um$id ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Trust: 1.35

sources: NVD: CVE-2006-0081 // BID: 16127 // VULHUB: VHN-16189 // PACKETSTORM: 42758

AFFECTED PRODUCTS

vendor:	intel	model:	graphics accelerator driver	scope:	eq	version:	6.14.10.4308	Trust: 1.6
vendor:	intel	model:	graphics driver	scope:	eq	version:	6.14.10.4308	Trust: 0.3
vendor:	intel	model:	graphics driver	scope:	eq	version:	0	Trust: 0.3

sources: BID: 16127 // CNNVD: CNNVD-200601-017 // NVD: CVE-2006-0081

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2006-0081
value:	HIGH
Trust: 1.0
CNNVD:	CNNVD-200601-017
value:	HIGH
Trust: 0.6
VULHUB:	VHN-16189
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2006-0081
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0
VULHUB:	VHN-16189
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-16189 // CNNVD: CNNVD-200601-017 // NVD: CVE-2006-0081

PROBLEMTYPE DATA

problemtype:

CWE-399

Trust: 1.1

sources: VULHUB: VHN-16189 // NVD: CVE-2006-0081

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200601-017

TYPE

resource management error

Trust: 0.6

sources: CNNVD: CNNVD-200601-017

EXTERNAL IDS

db:	BID	id:	16127	Trust: 2.0
db:	SECUNIA	id:	18286	Trust: 1.8
db:	NVD	id:	CVE-2006-0081	Trust: 1.7
db:	OSVDB	id:	22196	Trust: 1.7
db:	VUPEN	id:	ADV-2006-0017	Trust: 1.7
db:	CNNVD	id:	CNNVD-200601-017	Trust: 0.7
db:	FULLDISC	id:	20060102 BUFFER OVERFLOW VULNERABILITY IN WINDOWS DISPLAY MANAGER [SUSPECTED]	Trust: 0.6
db:	FULLDISC	id:	20060103 RE: [FULL-DISCLOSURE] BUFFER OVERFLOW VULNERABILITY IN WINDOWS DISPLAY MANAGER [SUSPECTED]	Trust: 0.6
db:	VULHUB	id:	VHN-16189	Trust: 0.1
db:	PACKETSTORM	id:	42758	Trust: 0.1

sources: VULHUB: VHN-16189 // BID: 16127 // PACKETSTORM: 42758 // CNNVD: CNNVD-200601-017 // NVD: CVE-2006-0081

REFERENCES

url:	http://www.securityfocus.com/bid/16127	Trust: 1.7
url:	http://www.osvdb.org/22196	Trust: 1.7
url:	http://secunia.com/advisories/18286	Trust: 1.7
url:	http://seclists.org/fulldisclosure/2006/jan/8	Trust: 1.1
url:	http://seclists.org/fulldisclosure/2006/jan/32	Trust: 1.1
url:	http://www.vupen.com/english/advisories/2006/0017	Trust: 1.1
url:	http://www.frsirt.com/english/advisories/2006/0017	Trust: 0.6
url:	http://archives.neohapsis.com/archives/fulldisclosure/2006-01/0029.html	Trust: 0.6
url:	http://archives.neohapsis.com/archives/fulldisclosure/2006-01/0003.html	Trust: 0.6
url:	http://support.intel.com/support/graphics/	Trust: 0.3
url:	http://secunia.com/secunia_security_advisories/	Trust: 0.1
url:	http://secunia.com/product/6734/	Trust: 0.1
url:	http://secunia.com/advisories/18286/	Trust: 0.1
url:	http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org	Trust: 0.1
url:	http://secunia.com/about_secunia_advisories/	Trust: 0.1

sources: VULHUB: VHN-16189 // BID: 16127 // PACKETSTORM: 42758 // CNNVD: CNNVD-200601-017 // NVD: CVE-2006-0081

CREDITS

Casiamo casiamo@gmail.com Sumit Siddharth sumit.siddharth@gmail.com

Trust: 0.6

sources: CNNVD: CNNVD-200601-017

SOURCES

db:	VULHUB	id:	VHN-16189
db:	BID	id:	16127
db:	PACKETSTORM	id:	42758
db:	CNNVD	id:	CNNVD-200601-017
db:	NVD	id:	CVE-2006-0081

LAST UPDATE DATE

2024-08-14T14:59:15.402000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-16189	date:	2016-12-20T00:00:00
db:	BID	id:	16127	date:	2006-01-10T23:31:00
db:	CNNVD	id:	CNNVD-200601-017	date:	2006-05-12T00:00:00
db:	NVD	id:	CVE-2006-0081	date:	2016-12-20T02:59:03.040

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-16189	date:	2006-01-04T00:00:00
db:	BID	id:	16127	date:	2006-01-03T00:00:00
db:	PACKETSTORM	id:	42758	date:	2006-01-04T04:21:16
db:	CNNVD	id:	CNNVD-200601-017	date:	2006-01-04T00:00:00
db:	NVD	id:	CVE-2006-0081	date:	2006-01-04T06:03:00