CVE-2006-5379 | Vulnerability Database | Aqua Security

The accelerated rendering functionality of NVIDIA Binary Graphics Driver (binary blob driver) For Linux v8774 and v8762, and probably on other operating systems, allows local and remote attackers to execute arbitrary code via a large width value in a font glyph, which can be used to overwrite arbitrary memory locations.

Affected Software

Name	Vendor	Start Version	End Version
Binary_graphics_driver	Nvidia	v8762 (including)	v8762 (including)
Binary_graphics_driver	Nvidia	v8774 (including)	v8774 (including)
Linux-restricted-modules-2.6.15	Ubuntu	dapper	*
Linux-restricted-modules-2.6.17	Ubuntu	edgy	*

References

http://download2.rapid7.com/r7-0025/
http://download2.rapid7.com/r7-0025/nv_exploit.c
http://nvidia.custhelp.com/cgi-bin/nvidia.cfg/php/enduser/std_adp.php?p_faqid=1971
http://secunia.com/advisories/22419
http://secunia.com/advisories/22676
http://secunia.com/advisories/22730
http://secunia.com/advisories/22764
http://secunia.com/advisories/23678
http://security.gentoo.org/glsa/glsa-200611-03.xml
http://securityreason.com/securityalert/1742
http://securitytracker.com/id?1017072
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102693-1
http://www.kb.cert.org/vuls/id/147252
http://www.mandriva.com/security/advisories?name=MDKSA-2007:007
http://www.rapid7.com/advisories/R7-0025.jsp
http://www.securityfocus.com/archive/1/448860/100/0/threaded
http://www.securityfocus.com/archive/1/451329/100/0/threaded
http://www.securityfocus.com/bid/20559
http://www.ubuntu.com/usn/usn-377-1
http://www.vupen.com/english/advisories/2006/4053
http://www.vupen.com/english/advisories/2006/4328
https://exchange.xforce.ibmcloud.com/vulnerabilities/29622
http://download2.rapid7.com/r7-0025/
http://download2.rapid7.com/r7-0025/nv_exploit.c
http://nvidia.custhelp.com/cgi-bin/nvidia.cfg/php/enduser/std_adp.php?p_faqid=1971
http://secunia.com/advisories/22419
http://secunia.com/advisories/22676
http://secunia.com/advisories/22730
http://secunia.com/advisories/22764
http://secunia.com/advisories/23678
http://security.gentoo.org/glsa/glsa-200611-03.xml
http://securityreason.com/securityalert/1742
http://securitytracker.com/id?1017072
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102693-1
http://www.kb.cert.org/vuls/id/147252
http://www.mandriva.com/security/advisories?name=MDKSA-2007:007
http://www.rapid7.com/advisories/R7-0025.jsp
http://www.securityfocus.com/archive/1/448860/100/0/threaded
http://www.securityfocus.com/archive/1/451329/100/0/threaded
http://www.securityfocus.com/bid/20559
http://www.ubuntu.com/usn/usn-377-1
http://www.vupen.com/english/advisories/2006/4053
http://www.vupen.com/english/advisories/2006/4328
https://exchange.xforce.ibmcloud.com/vulnerabilities/29622

NVD	https://nvd.nist.gov/vuln/detail/CVE-2006-5379
CWE	https://cwe.mitre.org/data/definitions/NVD-Other.html