nvd-json-data-feeds/CVE-2006/CVE-2006-57xx/CVE-2006-5758.json

{
  "id": "CVE-2006-5758",
  "sourceIdentifier": "cve@mitre.org",
  "published": "2006-11-06T20:07:00.000",
  "lastModified": "2018-10-17T21:44:52.287",
  "vulnStatus": "Modified",
  "descriptions": [
    {
      "lang": "en",
      "value": "The Graphics Rendering Engine in Microsoft Windows 2000 through 2000 SP4 and Windows XP through SP2 maps GDI Kernel structures on a global shared memory section that is mapped with read-only permissions, but can be remapped by other processes as read-write, which allows local users to cause a denial of service (memory corruption and crash) and gain privileges by modifying the kernel structures."
    },
    {
      "lang": "es",
      "value": "El Graphics Rendering Engine en Microsoft Windows 2000 hasta 2000 SP4 y Windows XP hasta SP2 mapea estructuras del n\u00facleo GDI en una secci\u00f3n de memoria global compartida que est\u00e1 mapeada con permisos de s\u00f3lo lectura, pero puede ser remapeada por otros procesos como lectura-escritura, lo cual permite a usuarios locales provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria y ca\u00edda) y ganar privilegios modificando las estructuras del n\u00facleo."
    }
  ],
  "metrics": {
    "cvssMetricV2": [
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "2.0",
          "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
          "accessVector": "LOCAL",
          "accessComplexity": "LOW",
          "authentication": "NONE",
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.2
        },
        "baseSeverity": "HIGH",
        "exploitabilityScore": 3.9,
        "impactScore": 10.0,
        "acInsufInfo": false,
        "obtainAllPrivilege": true,
        "obtainUserPrivilege": false,
        "obtainOtherPrivilege": false,
        "userInteractionRequired": false
      }
    ]
  },
  "weaknesses": [
    {
      "source": "nvd@nist.gov",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ]
    }
  ],
  "configurations": [
    {
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*",
              "matchCriteriaId": "83E7C4A0-78CF-4B56-82BF-EC932BDD8ADF"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:microsoft:windows_xp:*:gold:professional_x64:*:*:*:*:*",
              "matchCriteriaId": "74EE55A2-6020-4591-9F15-80E57D19207C"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "9B339C33-8896-4896-88FF-88E74FDBC543"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:professional_x64:*:*:*:*:*",
              "matchCriteriaId": "1AB9988B-5A9C-4F6D-BCCC-4D03AC6E4CF9"
            }
          ]
        }
      ]
    }
  ],
  "references": [
    {
      "url": "http://kernelwars.blogspot.com/2007/01/alive.html",
      "source": "cve@mitre.org"
    },
    {
      "url": "http://projects.info-pull.com/mokb/MOKB-06-11-2006.html",
      "source": "cve@mitre.org"
    },
    {
      "url": "http://securitytracker.com/id?1017168",
      "source": "cve@mitre.org"
    },
    {
      "url": "http://www.blackhat.com/html/bh-europe-07/bh-eu-07-speakers.html#Eriksson",
      "source": "cve@mitre.org"
    },
    {
      "url": "http://www.securityfocus.com/archive/1/466186/100/200/threaded",
      "source": "cve@mitre.org"
    },
    {
      "url": "http://www.securityfocus.com/bid/20940",
      "source": "cve@mitre.org",
      "tags": [
        "Exploit"
      ]
    },
    {
      "url": "http://www.vupen.com/english/advisories/2006/4358",
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ]
    },
    {
      "url": "http://www.vupen.com/english/advisories/2007/1215",
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ]
    },
    {
      "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-017",
      "source": "cve@mitre.org"
    },
    {
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30042",
      "source": "cve@mitre.org"
    },
    {
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2056",
      "source": "cve@mitre.org"
    }
  ]
}