ByteOS Network

NVD Vulnerability Details :

CVE-2006-3740

Deferred

Source-secalert@redhat.com

Published At-13 Sep, 2006 | 01:07

Updated At-03 Apr, 2025 | 01:03

Integer overflow in the scan_cidfont function in X.Org 6.8.2 and XFree86 X server allows local users to execute arbitrary code via crafted (1) CMap and (2) CIDFont font data with modified item counts in the (a) begincodespacerange, (b) cidrange, and (c) notdefrange sections.

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Primary	2.0	7.2	HIGH	AV:L/AC:L/Au:N/C:C/I:C/A:C

CPE Matches

X.Org Foundation

>>x.org>>6.8.2

cpe:2.3:a:x.org:x.org:6.8.2:*:*:*:*:*:*:*

xfree86_project>>xfree86_x>>*

cpe:2.3:a:xfree86_project:xfree86_x:*:*:*:*:*:*:*:*

Weaknesses

CWE ID	Type	Source
NVD-CWE-Other	Primary	nvd@nist.gov

References

Hyperlink	Source	Resource
http://secunia.com/advisories/21864	secalert@redhat.com	N/A
http://secunia.com/advisories/21889	secalert@redhat.com	N/A
http://secunia.com/advisories/21890	secalert@redhat.com	N/A
http://secunia.com/advisories/21894	secalert@redhat.com	N/A
http://secunia.com/advisories/21900	secalert@redhat.com	N/A
http://secunia.com/advisories/21904	secalert@redhat.com	N/A
http://secunia.com/advisories/21908	secalert@redhat.com	N/A
http://secunia.com/advisories/21924	secalert@redhat.com	N/A
http://secunia.com/advisories/22080	secalert@redhat.com	N/A
http://secunia.com/advisories/22141	secalert@redhat.com	N/A
http://secunia.com/advisories/22332	secalert@redhat.com	N/A
http://secunia.com/advisories/22560	secalert@redhat.com	N/A
http://secunia.com/advisories/23033	secalert@redhat.com	N/A
http://secunia.com/advisories/23899	secalert@redhat.com	N/A
http://secunia.com/advisories/23907	secalert@redhat.com	N/A
http://secunia.com/advisories/24636	secalert@redhat.com	N/A
http://security.gentoo.org/glsa/glsa-200609-07.xml	secalert@redhat.com	N/A
http://securitytracker.com/id?1016828	secalert@redhat.com	N/A
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102780-1	secalert@redhat.com	N/A
http://support.avaya.com/elmodocs2/security/ASA-2006-190.htm	secalert@redhat.com	N/A
http://support.avaya.com/elmodocs2/security/ASA-2006-191.htm	secalert@redhat.com	N/A
http://www.debian.org/security/2006/dsa-1193	secalert@redhat.com	N/A
http://www.idefense.com/intelligence/vulnerabilities/display.php?id=411	secalert@redhat.com	Patch Vendor Advisory
http://www.mandriva.com/security/advisories?name=MDKSA-2006:164	secalert@redhat.com	N/A
http://www.novell.com/linux/security/advisories/2006_23_sr.html	secalert@redhat.com	N/A
http://www.redhat.com/support/errata/RHSA-2006-0665.html	secalert@redhat.com	Patch Vendor Advisory
http://www.redhat.com/support/errata/RHSA-2006-0666.html	secalert@redhat.com	Patch Vendor Advisory
http://www.securityfocus.com/archive/1/445812/100/0/threaded	secalert@redhat.com	N/A
http://www.securityfocus.com/archive/1/464268/100/0/threaded	secalert@redhat.com	N/A
http://www.securityfocus.com/bid/19974	secalert@redhat.com	N/A
http://www.ubuntu.com/usn/usn-344-1	secalert@redhat.com	N/A
http://www.vmware.com/support/esx25/doc/esx-254-200702-patch.html	secalert@redhat.com	N/A
http://www.vupen.com/english/advisories/2006/3581	secalert@redhat.com	N/A
http://www.vupen.com/english/advisories/2006/3582	secalert@redhat.com	N/A
http://www.vupen.com/english/advisories/2007/0322	secalert@redhat.com	N/A
http://www.vupen.com/english/advisories/2007/1171	secalert@redhat.com	N/A
https://exchange.xforce.ibmcloud.com/vulnerabilities/28890	secalert@redhat.com	N/A
https://issues.rpath.com/browse/RPL-614	secalert@redhat.com	N/A
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9454	secalert@redhat.com	N/A
http://secunia.com/advisories/21864	af854a3a-2127-422b-91ae-364da2661108	N/A
http://secunia.com/advisories/21889	af854a3a-2127-422b-91ae-364da2661108	N/A
http://secunia.com/advisories/21890	af854a3a-2127-422b-91ae-364da2661108	N/A
http://secunia.com/advisories/21894	af854a3a-2127-422b-91ae-364da2661108	N/A
http://secunia.com/advisories/21900	af854a3a-2127-422b-91ae-364da2661108	N/A
http://secunia.com/advisories/21904	af854a3a-2127-422b-91ae-364da2661108	N/A
http://secunia.com/advisories/21908	af854a3a-2127-422b-91ae-364da2661108	N/A
http://secunia.com/advisories/21924	af854a3a-2127-422b-91ae-364da2661108	N/A
http://secunia.com/advisories/22080	af854a3a-2127-422b-91ae-364da2661108	N/A
http://secunia.com/advisories/22141	af854a3a-2127-422b-91ae-364da2661108	N/A
http://secunia.com/advisories/22332	af854a3a-2127-422b-91ae-364da2661108	N/A
http://secunia.com/advisories/22560	af854a3a-2127-422b-91ae-364da2661108	N/A
http://secunia.com/advisories/23033	af854a3a-2127-422b-91ae-364da2661108	N/A
http://secunia.com/advisories/23899	af854a3a-2127-422b-91ae-364da2661108	N/A
http://secunia.com/advisories/23907	af854a3a-2127-422b-91ae-364da2661108	N/A
http://secunia.com/advisories/24636	af854a3a-2127-422b-91ae-364da2661108	N/A
http://security.gentoo.org/glsa/glsa-200609-07.xml	af854a3a-2127-422b-91ae-364da2661108	N/A
http://securitytracker.com/id?1016828	af854a3a-2127-422b-91ae-364da2661108	N/A
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102780-1	af854a3a-2127-422b-91ae-364da2661108	N/A
http://support.avaya.com/elmodocs2/security/ASA-2006-190.htm	af854a3a-2127-422b-91ae-364da2661108	N/A
http://support.avaya.com/elmodocs2/security/ASA-2006-191.htm	af854a3a-2127-422b-91ae-364da2661108	N/A
http://www.debian.org/security/2006/dsa-1193	af854a3a-2127-422b-91ae-364da2661108	N/A
http://www.idefense.com/intelligence/vulnerabilities/display.php?id=411	af854a3a-2127-422b-91ae-364da2661108	Patch Vendor Advisory
http://www.mandriva.com/security/advisories?name=MDKSA-2006:164	af854a3a-2127-422b-91ae-364da2661108	N/A
http://www.novell.com/linux/security/advisories/2006_23_sr.html	af854a3a-2127-422b-91ae-364da2661108	N/A
http://www.redhat.com/support/errata/RHSA-2006-0665.html	af854a3a-2127-422b-91ae-364da2661108	Patch Vendor Advisory
http://www.redhat.com/support/errata/RHSA-2006-0666.html	af854a3a-2127-422b-91ae-364da2661108	Patch Vendor Advisory
http://www.securityfocus.com/archive/1/445812/100/0/threaded	af854a3a-2127-422b-91ae-364da2661108	N/A
http://www.securityfocus.com/archive/1/464268/100/0/threaded	af854a3a-2127-422b-91ae-364da2661108	N/A
http://www.securityfocus.com/bid/19974	af854a3a-2127-422b-91ae-364da2661108	N/A
http://www.ubuntu.com/usn/usn-344-1	af854a3a-2127-422b-91ae-364da2661108	N/A
http://www.vmware.com/support/esx25/doc/esx-254-200702-patch.html	af854a3a-2127-422b-91ae-364da2661108	N/A
http://www.vupen.com/english/advisories/2006/3581	af854a3a-2127-422b-91ae-364da2661108	N/A
http://www.vupen.com/english/advisories/2006/3582	af854a3a-2127-422b-91ae-364da2661108	N/A
http://www.vupen.com/english/advisories/2007/0322	af854a3a-2127-422b-91ae-364da2661108	N/A
http://www.vupen.com/english/advisories/2007/1171	af854a3a-2127-422b-91ae-364da2661108	N/A
https://exchange.xforce.ibmcloud.com/vulnerabilities/28890	af854a3a-2127-422b-91ae-364da2661108	N/A
https://issues.rpath.com/browse/RPL-614	af854a3a-2127-422b-91ae-364da2661108	N/A
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9454	af854a3a-2127-422b-91ae-364da2661108	N/A

CISA Catalog

Metrics

CPE Matches

Weaknesses

Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References

Change History