5.1
CVE-2006-4146
- EPSS 3.23%
- Veröffentlicht 31.08.2006 22:04:00
- Zuletzt bearbeitet 16.06.2026 22:28:31
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
Buffer overflow in the (1) DWARF (dwarfread.c) and (2) DWARF2 (dwarf2read.c) debugging code in GNU Debugger (GDB) 6.5 allows user-assisted attackers, or restricted users, to execute arbitrary code via a crafted file with a location block (DW_FORM_block) that contains a large number of operations.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 3.23% | 0.866 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.1 | 4.9 | 6.4 |
AV:N/AC:H/Au:N/C:P/I:P/A:P
|
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.
ftp://patches.sgi.com/support/free/security/advisories/20070602-01-P.asc
http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html
http://secunia.com/advisories/25894
http://secunia.com/advisories/26909
http://secunia.com/advisories/27706
http://security.gentoo.org/glsa/glsa-200711-23.xml
http://www.vupen.com/english/advisories/2007/3229
http://secunia.com/advisories/25098
http://docs.info.apple.com/article.html?artnum=304669
http://lists.apple.com/archives/security-announce/2006/Oct/msg00000.html
http://secunia.com/advisories/21713
http://secunia.com/advisories/22205
http://secunia.com/advisories/22662
http://secunia.com/advisories/25632
http://secunia.com/advisories/25934
http://securitytracker.com/id?1017138
http://support.avaya.com/elmodocs2/security/ASA-2007-253.htm
http://www.osvdb.org/28318
http://www.redhat.com/support/errata/RHSA-2007-0229.html
http://www.redhat.com/support/errata/RHSA-2007-0469.html
http://www.securityfocus.com/bid/19802
http://www.ubuntu.com/usn/usn-356-1
http://www.vupen.com/english/advisories/2006/3433
http://www.vupen.com/english/advisories/2006/4283
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=204841
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10463