{ "id": "CVE-2007-0005", "sourceIdentifier": "secalert@redhat.com", "published": "2007-03-10T00:19:00.000", "lastModified": "2018-10-16T16:29:56.227", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", "value": "Multiple buffer overflows in the (1) read and (2) write handlers in the Omnikey CardMan 4040 driver in the Linux kernel before 2.6.21-rc3 allow local users to gain privileges." }, { "lang": "es", "value": "M\u00faltiples desbordamientos de b\u00fafer en los manejadores de (1) lectura y (2) escritura en el controlador Omnikey CardMan 4040 en el kernel de Linux versiones anteriores a 2.6.21-rc3, permite a usuarios locales alcanzar privilegios." } ], "metrics": { "cvssMetricV2": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "2.0", "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "accessVector": "LOCAL", "accessComplexity": "MEDIUM", "authentication": "NONE", "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "baseScore": 6.9 }, "baseSeverity": "MEDIUM", "exploitabilityScore": 3.4, "impactScore": 10.0, "acInsufInfo": false, "obtainAllPrivilege": true, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false } ] }, "weaknesses": [ { "source": "nvd@nist.gov", "type": "Primary", "description": [ { "lang": "en", "value": "CWE-119" } ] } ], "configurations": [ { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:o:linux:linux_kernel:*:rc2:*:*:*:*:*:*", "versionEndIncluding": "2.6.21", "matchCriteriaId": "47F56C42-6A77-425E-9C12-3841EE497C95" }, { "vulnerable": false, "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.21:*:*:*:*:*:*:*", "matchCriteriaId": "50B422D1-6C6E-4359-A169-3EED78A1CF40" }, { "vulnerable": false, "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.21:rc1:*:*:*:*:*:*", "matchCriteriaId": "08A6E33E-5847-45DA-B9C9-79A7C5C877D6" }, { "vulnerable": false, "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.21.1:*:*:*:*:*:*:*", "matchCriteriaId": "6AD2E9DC-2876-4515-BCE6-DDD0CC6A5708" }, { "vulnerable": false, "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.21.2:*:*:*:*:*:*:*", "matchCriteriaId": "A2F19064-CFBF-4B3C-A0A1-CE62265CD592" }, { "vulnerable": false, "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.21.3:*:*:*:*:*:*:*", "matchCriteriaId": "AD3F0CEC-B8FA-47E3-BA3E-182F43D3DA86" }, { "vulnerable": false, "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.21.4:*:*:*:*:*:*:*", "matchCriteriaId": "AB759752-DC19-4750-838B-056063EFDC5F" }, { "vulnerable": false, "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.21.5:*:*:*:*:*:*:*", "matchCriteriaId": "96A43C95-8569-40BE-9E5B-F9B3D0B9D188" }, { "vulnerable": false, "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.21.6:*:*:*:*:*:*:*", "matchCriteriaId": "ABD70B2B-9827-4DBB-B82D-0B70C2D4AB1F" }, { "vulnerable": false, "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.21.7:*:*:*:*:*:*:*", "matchCriteriaId": "99662904-E5E3-4E81-B199-39707EAEB652" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:a:omnikey.aaitg:omnikey_cardman_4040:*:*:*:*:*:*:*:*", "matchCriteriaId": "77860C0B-02A7-40A4-AE39-8A1627F15383" } ] } ] } ], "references": [ { "url": "http://fedoranews.org/cms/node/2787", "source": "secalert@redhat.com" }, { "url": "http://fedoranews.org/cms/node/2788", "source": "secalert@redhat.com" }, { "url": "http://kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.21-rc3", "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ] }, { "url": "http://www.debian.org/security/2007/dsa-1286", "source": "secalert@redhat.com" }, { "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:078", "source": "secalert@redhat.com" }, { "url": "http://www.redhat.com/support/errata/RHSA-2007-0099.html", "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ] }, { "url": "http://www.securityfocus.com/archive/1/462300/100/0/threaded", "source": "secalert@redhat.com" }, { "url": "http://www.securityfocus.com/archive/1/471457", "source": "secalert@redhat.com" }, { "url": "http://www.securityfocus.com/bid/22870", "source": "secalert@redhat.com" }, { "url": "http://www.ubuntu.com/usn/usn-486-1", "source": "secalert@redhat.com" }, { "url": "http://www.ubuntu.com/usn/usn-489-1", "source": "secalert@redhat.com" }, { "url": "http://www.vupen.com/english/advisories/2007/0872", "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ] }, { "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32880", "source": "secalert@redhat.com" }, { "url": "https://issues.rpath.com/browse/RPL-1035", "source": "secalert@redhat.com" }, { "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11238", "source": "secalert@redhat.com" } ] }