ID

VAR-200601-0231


CVE

CVE-2006-0081


TITLE

Intel Graphics Accelerator Drives Remote Denial of Service Vulnerability

Trust: 0.6

sources: CNNVD: CNNVD-200601-017

DESCRIPTION

ialmnt5.sys in the ialmrnt5 display driver in Intel Graphics Accelerator Driver 6.14.10.4308 allows attackers to cause a denial of service (crash or screen resolution change) via a long text field, as demonstrated using a long window title. This issue allows attackers to crash the display manager on Microsoft Windows XP, or cause a complete system crash on computers running Microsoft Windows 2000. Other operating systems where the affected display driver is available are also likely affected. Version 6.14.10.4308 of the Intel Graphics Accelerator driver is considered vulnerable to this issue. Other versions may also be affected. This issue will be updated as further information becomes available. This issue may be related to the one described in BID 10913 (Microsoft Windows Large Image Processing Remote Denial Of Service Vulnerability), but this has not been confirmed. Attempting to parse very long text in Mozilla Firefox triggers a buffer overflow that crashes the Windows Display Manager. This can potentially be exploited to cause a DoS e.g. by tricking a user to open a window to an overly long URL with the browser. Successful exploitation may cause the system to restart or cause the system to revert to a low resolution display mode. The vulnerability has been confirmed in version 6.14.10.4308. SOLUTION: Do not visit non-trusted websites or open non-trusted files. PROVIDED AND/OR DISCOVERED BY: $um$id ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Trust: 1.35

sources: NVD: CVE-2006-0081 // BID: 16127 // VULHUB: VHN-16189 // PACKETSTORM: 42758

AFFECTED PRODUCTS

vendor:intelmodel:graphics accelerator driverscope:eqversion:6.14.10.4308

Trust: 1.6

vendor:intelmodel:graphics driverscope:eqversion:6.14.10.4308

Trust: 0.3

vendor:intelmodel:graphics driverscope:eqversion:0

Trust: 0.3

sources: BID: 16127 // CNNVD: CNNVD-200601-017 // NVD: CVE-2006-0081

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2006-0081
value: HIGH

Trust: 1.0

CNNVD: CNNVD-200601-017
value: HIGH

Trust: 0.6

VULHUB: VHN-16189
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2006-0081
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

VULHUB: VHN-16189
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-16189 // CNNVD: CNNVD-200601-017 // NVD: CVE-2006-0081

PROBLEMTYPE DATA

problemtype:CWE-399

Trust: 1.1

sources: VULHUB: VHN-16189 // NVD: CVE-2006-0081

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200601-017

TYPE

resource management error

Trust: 0.6

sources: CNNVD: CNNVD-200601-017

EXTERNAL IDS

db:BIDid:16127

Trust: 2.0

db:SECUNIAid:18286

Trust: 1.8

db:NVDid:CVE-2006-0081

Trust: 1.7

db:OSVDBid:22196

Trust: 1.7

db:VUPENid:ADV-2006-0017

Trust: 1.7

db:CNNVDid:CNNVD-200601-017

Trust: 0.7

db:FULLDISCid:20060102 BUFFER OVERFLOW VULNERABILITY IN WINDOWS DISPLAY MANAGER [SUSPECTED]

Trust: 0.6

db:FULLDISCid:20060103 RE: [FULL-DISCLOSURE] BUFFER OVERFLOW VULNERABILITY IN WINDOWS DISPLAY MANAGER [SUSPECTED]

Trust: 0.6

db:VULHUBid:VHN-16189

Trust: 0.1

db:PACKETSTORMid:42758

Trust: 0.1

sources: VULHUB: VHN-16189 // BID: 16127 // PACKETSTORM: 42758 // CNNVD: CNNVD-200601-017 // NVD: CVE-2006-0081

REFERENCES

url:http://www.securityfocus.com/bid/16127

Trust: 1.7

url:http://www.osvdb.org/22196

Trust: 1.7

url:http://secunia.com/advisories/18286

Trust: 1.7

url:http://seclists.org/fulldisclosure/2006/jan/8

Trust: 1.1

url:http://seclists.org/fulldisclosure/2006/jan/32

Trust: 1.1

url:http://www.vupen.com/english/advisories/2006/0017

Trust: 1.1

url:http://www.frsirt.com/english/advisories/2006/0017

Trust: 0.6

url:http://archives.neohapsis.com/archives/fulldisclosure/2006-01/0029.html

Trust: 0.6

url:http://archives.neohapsis.com/archives/fulldisclosure/2006-01/0003.html

Trust: 0.6

url:http://support.intel.com/support/graphics/

Trust: 0.3

url:http://secunia.com/secunia_security_advisories/

Trust: 0.1

url:http://secunia.com/product/6734/

Trust: 0.1

url:http://secunia.com/advisories/18286/

Trust: 0.1

url:http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

Trust: 0.1

url:http://secunia.com/about_secunia_advisories/

Trust: 0.1

sources: VULHUB: VHN-16189 // BID: 16127 // PACKETSTORM: 42758 // CNNVD: CNNVD-200601-017 // NVD: CVE-2006-0081

CREDITS

Casiamo casiamo@gmail.com Sumit Siddharth sumit.siddharth@gmail.com

Trust: 0.6

sources: CNNVD: CNNVD-200601-017

SOURCES

db:VULHUBid:VHN-16189
db:BIDid:16127
db:PACKETSTORMid:42758
db:CNNVDid:CNNVD-200601-017
db:NVDid:CVE-2006-0081

LAST UPDATE DATE

2024-11-23T22:57:25.800000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-16189date:2016-12-20T00:00:00
db:BIDid:16127date:2006-01-10T23:31:00
db:CNNVDid:CNNVD-200601-017date:2006-05-12T00:00:00
db:NVDid:CVE-2006-0081date:2024-11-21T00:05:36.520

SOURCES RELEASE DATE

db:VULHUBid:VHN-16189date:2006-01-04T00:00:00
db:BIDid:16127date:2006-01-03T00:00:00
db:PACKETSTORMid:42758date:2006-01-04T04:21:16
db:CNNVDid:CNNVD-200601-017date:2006-01-04T00:00:00
db:NVDid:CVE-2006-0081date:2006-01-04T06:03:00