CVE-2006-4183

{"id": "CVE-2006-4183", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": true, "userInteractionRequired": true}]}, "published": "2007-07-18T23:30:00.000", "references": [{"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=562", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/26131", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.reversemode.com/index.php?option=com_remository&Itemid=2&func=fileinfo&id=52", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/archive/1/474058/100/0/threaded", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/24963", "source": "cve@mitre.org"}, {"url": "http://www.securitytracker.com/id?1018420", "source": "cve@mitre.org"}, {"url": "http://www.vupen.com/english/advisories/2007/2577", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35492", "source": "cve@mitre.org"}, {"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=562", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/26131", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.reversemode.com/index.php?option=com_remository&Itemid=2&func=fileinfo&id=52", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/archive/1/474058/100/0/threaded", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/24963", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securitytracker.com/id?1018420", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.vupen.com/english/advisories/2007/2577", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35492", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-119"}]}], "descriptions": [{"lang": "en", "value": "Heap-based buffer overflow in Microsoft DirectX SDK (February 2006) and probably earlier, including 9.0c End User Runtimes, allows context-dependent attackers to execute arbitrary code via a crafted Targa file with a run-length-encoding (RLE) compression that produces more data than expected when decoding."}, {"lang": "es", "value": "Un desbordamiento de b\u00fafer en la regi\u00f3n heap de la memoria en Microsoft DirectX SDK (Febrero de 2006) y probablemente anteriores, incluido el End User Runtimes versi\u00f3n 9.0c, permite a los atacantes dependiendo del contexto ejecutar c\u00f3digo arbitrario por medio de un archivo Targa creado con una compresi\u00f3n de Codificaci\u00f3n de Longitud de Ejecuci\u00f3n (RLE) que produce m\u00e1s datos de los esperados al decodificar."}], "lastModified": "2024-11-21T00:15:19.820", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:microsoft:directx_sdk:february_2006:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7D42316C-79D4-4406-B950-42A0DD8376A9"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}