CVE-2006-4183

Heap-based buffer overflow in Microsoft DirectX SDK (February 2006) and probably earlier, including 9.0c End User Runtimes, allows context-dependent attackers to execute arbitrary code via a crafted Targa file with a run-length-encoding (RLE) compression that produces more data than expected when decoding.

CVSS v2.0 6.8 MEDIUM

6.8^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:M/Au:N/C:P/I:P/A:P

Exploitability : 8.6 / Impact : 6.4

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=562
http://secunia.com/advisories/26131	Vendor Advisory
http://www.reversemode.com/index.php?option=com_remository&Itemid=2&func=fileinfo&id=52
http://www.securityfocus.com/archive/1/474058/100/0/threaded
http://www.securityfocus.com/bid/24963
http://www.securitytracker.com/id?1018420
http://www.vupen.com/english/advisories/2007/2577	Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/35492

Configurations

Configuration 1 (hide)

cpe:2.3:a:microsoft:directx_sdk:february_2006:*:*:*:*:*:*:*

History

No history.

Information

Published : 2007-07-18 23:30

Updated : 2024-02-04 17:13

NVD link : CVE-2006-4183

Mitre link : CVE-2006-4183

CVE.ORG link : CVE-2006-4183

JSON object : View

Products Affected

microsoft

directx_sdk

CWE

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

{"id": "CVE-2006-4183", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": true, "userInteractionRequired": true}]}, "published": "2007-07-18T23:30:00.000", "references": [{"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=562", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/26131", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.reversemode.com/index.php?option=com_remository&Itemid=2&func=fileinfo&id=52", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/archive/1/474058/100/0/threaded", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/24963", "source": "cve@mitre.org"}, {"url": "http://www.securitytracker.com/id?1018420", "source": "cve@mitre.org"}, {"url": "http://www.vupen.com/english/advisories/2007/2577", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35492", "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-119"}]}], "descriptions": [{"lang": "en", "value": "Heap-based buffer overflow in Microsoft DirectX SDK (February 2006) and probably earlier, including 9.0c End User Runtimes, allows context-dependent attackers to execute arbitrary code via a crafted Targa file with a run-length-encoding (RLE) compression that produces more data than expected when decoding."}, {"lang": "es", "value": "Un desbordamiento de b\u00fafer en la regi\u00f3n heap de la memoria en Microsoft DirectX SDK (Febrero de 2006) y probablemente anteriores, incluido el End User Runtimes versi\u00f3n 9.0c, permite a los atacantes dependiendo del contexto ejecutar c\u00f3digo arbitrario por medio de un archivo Targa creado con una compresi\u00f3n de Codificaci\u00f3n de Longitud de Ejecuci\u00f3n (RLE) que produce m\u00e1s datos de los esperados al decodificar."}], "lastModified": "2018-10-17T21:33:50.347", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:microsoft:directx_sdk:february_2006:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7D42316C-79D4-4406-B950-42A0DD8376A9"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}