CVE-2006-1390
Published Mar 25, 2006
Last updated 6 years ago
Overview
- Description
- The configuration of NetHack 3.4.3-r1 and earlier, Falcon's Eye 1.9.4a and earlier, and Slash'EM 0.0.760 and earlier on Gentoo Linux allows local users in the games group to modify saved games files to execute arbitrary code via buffer overflows and overwrite arbitrary files via symlink attacks.
- Source
- cve@mitre.org
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 4.6
- Impact score
- 6.4
- Exploitability score
- 3.9
- Vector string
- AV:L/AC:L/Au:N/C:P/I:P/A:P
Weaknesses
- nvd@nist.gov
- NVD-CWE-Other
Evaluator
- Comment
- -
- Impact
- -
- Solution
- -
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:gentoo:linux:0.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "980553F2-8662-47CF-95F0-645141746AEA"
},
{
"criteria": "cpe:2.3:o:gentoo:linux:0.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "40EBF1CD-B392-4262-8F06-2C784ADAF0F0"
},
{
"criteria": "cpe:2.3:o:gentoo:linux:1.1a:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9C00F84A-FCD4-4935-B7DE-ECBA6AE9B074"
},
{
"criteria": "cpe:2.3:o:gentoo:linux:1.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "960DC6C2-B285-41D4-96F7-ED97F8BD5482"
},
{
"criteria": "cpe:2.3:o:gentoo:linux:1.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "65ED9D8C-604D-4B0B-A192-C0DA4D2E9AEB"
},
{
"criteria": "cpe:2.3:o:gentoo:linux:1.4:rc1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D1FD0EB4-E744-4465-AFEE-A3C807C9C993"
},
{
"criteria": "cpe:2.3:o:gentoo:linux:1.4:rc2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1D866A7D-F0B9-4EA3-93C6-1E7C2C2A861F"
},
{
"criteria": "cpe:2.3:o:gentoo:linux:1.4:rc3:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "57772E3B-893C-408A-AA3B-78C972ED4D5E"
}
],
"operator": "OR"
}
]
}
]