CVE-2006-5379 Information

Description

The accelerated rendering functionality of NVIDIA Binary Graphics Driver (binary blob driver) For Linux v8774 and v8762 and probably on other operating systems allows local and remote attackers to execute arbitrary code via a large width value in a font glyph which can be used to overwrite arbitrary memory locations.

Reference

http://download2.rapid7.com/r7-0025/ http://download2.rapid7.com/r7-0025/nv_exploit.c http://nvidia.custhelp.com/cgi-bin/nvidia.cfg/php/enduser/std_adp.php?p_faqid=1971 http://secunia.com/advisories/22419 http://secunia.com/advisories/22676 http://secunia.com/advisories/22730 http://secunia.com/advisories/22764 http://secunia.com/advisories/23678 http://security.gentoo.org/glsa/glsa-200611-03.xml http://securityreason.com/securityalert/1742 http://securitytracker.com/id?1017072 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102693-1 http://www.kb.cert.org/vuls/id/147252 http://www.mandriva.com/security/advisories?name=MDKSA-2007:007 http://www.rapid7.com/advisories/R7-0025.jsp http://www.securityfocus.com/archive/1/448860/100/0/threaded http://www.securityfocus.com/archive/1/451329/100/0/threaded http://www.securityfocus.com/bid/20559 http://www.ubuntu.com/usn/usn-377-1 http://www.vupen.com/english/advisories/2006/4053 http://www.vupen.com/english/advisories/2006/4328 https://exchange.xforce.ibmcloud.com/vulnerabilities/29622