CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register   Reset Password   Activate Account
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Intel : Security Vulnerabilities

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2014-8272 Exec Code 2014-12-19 2014-12-19
5.0
None Remote Low Not required None Partial None
The IPMI 1.5 functionality in Dell iDRAC6 modular before 3.65, iDRAC6 monolithic before 1.98, and iDRAC7 before 1.57.57 does not properly select session ID values, which makes it easier for remote attackers to execute arbitrary commands via a brute-force attack.
2 CVE-2014-3735 119 DoS Overflow 2014-05-19 2014-06-03
4.3
None Remote Medium Not required None None Partial
ir41_32.ax 4.51.16.3 for Intel Indeo Video 4.5 allows remote attackers to cause a denial of service (crash) via a crafted .avi file.
3 CVE-2014-2536 22 Dir. Trav. 2014-03-18 2014-04-01
4.3
None Remote Medium Not required Partial None None
Directory traversal vulnerability in McAfee Cloud Identity Manager 3.0, 3.1, and 3.5.1, McAfee Cloud Single Sign On (MCSSO) before 4.0.1, and Intel Expressway Cloud Access 360-SSO 2.1 and 2.5 allows remote authenticated users to read an unspecified file containing a hash of the administrator password via unknown vectors.
4 CVE-2013-5740 Exec Code Bypass 2013-09-12 2014-07-11
6.9
None Local Medium Not required Complete Complete Complete
Unspecified vulnerability in the Intel Trusted Execution Technology (TXT) SINIT Authenticated Code Modules (ACM) before 1.2, as used by the Intel QM77, QS77, Q77 Express, C216, Q67 Express, C202, C204, and C206 chipsets and Mobile Intel QM67 and QS67 chipsets, when the measured launch environment (MLE) is invoked, allows local users to bypass the Trusted Execution Technology protection mechanism and perform other unspecified SINIT ACM functions via unspecified vectors.
5 CVE-2013-4786 255 2013-07-08 2013-10-16
7.8
None Remote Low Not required Complete None None
The IPMI 2.0 specification supports RMCP+ Authenticated Key-Exchange Protocol (RAKP) authentication, which allows remote attackers to obtain password hashes and conduct offline password guessing attacks by obtaining the HMAC from a RAKP message 2 response from a BMC.
6 CVE-2013-4219 189 DoS Exec Code Overflow 2013-08-24 2013-08-26
7.5
None Remote Low Not required Partial Partial Partial
Multiple integer overflows in the Intel WiMAX Network Service through 1.5.2 for Intel Wireless WiMAX Connection 2400 devices allow remote attackers to cause a denial of service (component crash) or possibly execute arbitrary code via an L5 connection with a crafted PDU value that triggers a heap-based buffer overflow within (1) L5SocketsDispatcher.c or (2) L5Connector.c.
7 CVE-2013-4218 310 +Info 2013-08-24 2013-08-27
2.1
None Local Low Not required Partial None None
The InitMethodAndPassword function in InfraStack/OSAgnostic/WiMax/Agents/Supplicant/Source/SupplicantAgent.c in the Intel WiMAX Network Service through 1.5.2 for Intel Wireless WiMAX Connection 2400 devices uses the same RSA private key in supplicant_key.pem on all systems, which allows local users to obtain sensitive information via unspecified decryption operations.
8 CVE-2013-4217 310 +Info 2013-08-24 2013-08-26
2.1
None Local Low Not required Partial None None
The OSAL_Crypt_SetEncryptedPassword function in InfraStack/OSDependent/Linux/OSAL/Services/wimax_osal_crypt_services.c in the OSAL crypt module in the Intel WiMAX Network Service through 1.5.2 for Intel Wireless WiMAX Connection 2400 devices logs a cleartext password during certain attempts to set a password, which allows local users to obtain sensitive information by reading a log file.
9 CVE-2013-4216 264 DoS 2013-08-24 2013-08-27
2.1
None Local Low Not required None None Partial
The Trace_OpenLogFile function in InfraStack/OSDependent/Linux/InfraStackModules/TraceModule/TraceModule.c in the Trace module in the Intel WiMAX Network Service through 1.5.2 for Intel Wireless WiMAX Connection 2400 devices uses world-writable permissions for wimaxd.log, which allows local users to cause a denial of service (data corruption) by modifying this file.
10 CVE-2011-5174 119 Exec Code Overflow Bypass 2012-09-15 2012-09-17
7.2
None Local Low Not required Complete Complete Complete
Buffer overflow in Intel Trusted Execution Technology (TXT) SINIT Authenticated Code Modules (ACM) in Intel Q67 Express, C202, C204, C206 Chipsets, and Mobile Intel QM67, and QS67 Chipset before 2nd_gen_i5_i7_SINIT_51.BIN Express; Intel Q57, 3450 Chipsets and Mobile Intel QM57 and QS57 Express Chipset before i5_i7_DUAL_SINIT_51.BIN and i7_QUAD_SINIT_51.BIN; Mobile Intel GM45, GS45, and PM45 Express Chipset before GM45_GS45_PM45_SINIT_51.BIN; Intel Q35 Express Chipsets before Q35_SINIT_51.BIN; and Intel 5520, 5500, X58, and 7500 Chipsets before SINIT ACM 1.1 allows local users to bypass the Trusted Execution Technology protection mechanism and perform other unspecified SINIT ACM functions via unspecified vectors.
11 CVE-2011-2604 399 DoS 2011-06-30 2011-07-12
7.1
None Remote Medium Not required None None Complete
The Intel G41 driver 6.14.10.5355 on Windows XP SP3 allows remote attackers to cause a denial of service (system crash) via a crafted web page that is visited with Google Chrome or Mozilla Firefox, as demonstrated by the lots-of-polys-example.html test page in the Khronos WebGL SDK.
12 CVE-2010-5269 +Priv 2012-09-07 2012-09-10
6.9
None Local Medium Not required Complete Complete Complete
Untrusted search path vulnerability in tbb.dll in Intel Threading Building Blocks (TBB) 2.2.013 allows local users to gain privileges via a Trojan horse tbbmalloc.dll file in the current working directory, as demonstrated by a directory that contains a .pbk file. NOTE: some of these details are obtained from third party information.
13 CVE-2010-3268 20 DoS 2010-12-22 2013-02-06
5.0
None Remote Low Not required None None Partial
The GetStringAMSHandler function in prgxhndl.dll in hndlrsvc.exe in the Intel Alert Handler service (aka Symantec Intel Handler service) in Intel Alert Management System (AMS), as used in Symantec Antivirus Corporate Edition 10.1.4.4010 on Windows 2000 SP4 and Symantec Endpoint Protection before 11.x, does not properly validate the CommandLine field of an AMS request, which allows remote attackers to cause a denial of service (application crash) via a crafted request.
14 CVE-2010-0560 Exec Code 2010-02-08 2010-02-26
4.6
None Local Low Not required Partial Partial Partial
Unspecified vulnerability in the BIOS in Intel Desktop Board DB, DG, DH, DP, and DQ Series allows local administrators to execute arbitrary code in System Management Mode (SSM) via unknown attack vectors.
15 CVE-2010-0307 DoS 2010-02-17 2012-03-19
4.7
None Local Medium Not required None None Complete
The load_elf_binary function in fs/binfmt_elf.c in the Linux kernel before 2.6.32.8 on the x86_64 platform does not ensure that the ELF interpreter is available before a call to the SET_PERSONALITY macro, which allows local users to cause a denial of service (system crash) via a 32-bit application that attempts to execute a 64-bit application and then triggers a segmentation fault, as demonstrated by amd64_killer, related to the flush_old_exec function.
16 CVE-2010-0291 264 DoS +Priv 2010-02-15 2012-03-19
4.6
None Local Low Not required Partial Partial Partial
The Linux kernel before 2.6.32.4 allows local users to gain privileges or cause a denial of service (panic) by calling the (1) mmap or (2) mremap function, aka the "do_mremap() mess" or "mremap/mmap mess."
17 CVE-2010-0006 20 DoS 2010-01-26 2012-03-19
7.1
None Remote Medium Not required None None Complete
The ipv6_hop_jumbo function in net/ipv6/exthdrs.c in the Linux kernel before 2.6.32.4, when network namespaces are enabled, allows remote attackers to cause a denial of service (NULL pointer dereference) via an invalid IPv6 jumbogram, a related issue to CVE-2007-4567.
18 CVE-2010-0003 200 DoS +Info 2010-01-26 2012-03-19
5.4
None Local Medium Not required Partial None Complete
The print_fatal_signal function in kernel/signal.c in the Linux kernel before 2.6.32.4 on the i386 platform, when print-fatal-signals is enabled, allows local users to discover the contents of arbitrary memory locations by jumping to an address and then reading a log file, and might allow local users to cause a denial of service (system slowdown or crash) by jumping to an address.
19 CVE-2009-4538 2010-01-12 2012-03-19
10.0
None Remote Low Not required Complete Complete Complete
drivers/net/e1000e/netdev.c in the e1000e driver in the Linux kernel 2.6.32.3 and earlier does not properly check the size of an Ethernet frame that exceeds the MTU, which allows remote attackers to have an unspecified impact via crafted packets, a related issue to CVE-2009-4537.
20 CVE-2009-4537 20 DoS 2010-01-12 2012-03-19
7.8
None Remote Low Not required None None Complete
drivers/net/r8169.c in the r8169 driver in the Linux kernel 2.6.32.3 and earlier does not properly check the size of an Ethernet frame that exceeds the MTU, which allows remote attackers to (1) cause a denial of service (temporary network outage) via a packet with a crafted size, in conjunction with certain packets containing A characters and certain packets containing E characters; or (2) cause a denial of service (system crash) via a packet with a crafted size, in conjunction with certain packets containing '\0' characters, related to the value of the status register and erroneous behavior associated with the RxMaxSize register. NOTE: this vulnerability exists because of an incorrect fix for CVE-2009-1389.
21 CVE-2009-4536 189 Bypass 2010-01-12 2012-03-19
7.8
None Remote Low Not required None None Complete
drivers/net/e1000/e1000_main.c in the e1000 driver in the Linux kernel 2.6.32.3 and earlier handles Ethernet frames that exceed the MTU by processing certain trailing payload data as if it were a complete frame, which allows remote attackers to bypass packet filters via a large packet with a crafted payload. NOTE: this vulnerability exists because of an incorrect fix for CVE-2009-1385.
22 CVE-2009-4419 16 Exec Code +Priv Bypass 2009-12-24 2009-12-28
7.2
Admin Local Low Not required Complete Complete Complete
Intel Q35, GM45, PM45 Express, Q45, and Q43 Express chipsets in the SINIT Authenticated Code Module (ACM), which allows local users to bypass the Trusted Execution Technology protection mechanism and gain privileges by modifying the MCHBAR register to point to an attacker-controlled region, which prevents the SENTER instruction from properly applying VT-d protection while an MLE is being loaded.
23 CVE-2009-1385 189 DoS 2009-06-04 2012-03-19
7.8
None Remote Low Not required None None Complete
Integer underflow in the e1000_clean_rx_irq function in drivers/net/e1000/e1000_main.c in the e1000 driver in the Linux kernel before 2.6.30-rc8, the e1000e driver in the Linux kernel, and Intel Wired Ethernet (aka e1000) before 7.5.5 allows remote attackers to cause a denial of service (panic) via a crafted frame size.
24 CVE-2009-0066 Bypass 2009-01-07 2009-01-08
7.6
Admin Remote High Not required Complete Complete Complete
Multiple unspecified vulnerabilities in Intel system software for Trusted Execution Technology (TXT) allow attackers to bypass intended loader integrity protections, as demonstrated by exploitation of tboot. NOTE: as of 20090107, the only disclosure is a vague pre-advisory with no actionable information. However, because it is from a well-known researcher, it is being assigned a CVE identifier for tracking purposes.
25 CVE-2008-7096 264 +Priv 2009-08-27 2009-08-28
6.9
None Local Medium Not required Complete Complete Complete
Intel Desktop and Intel Mobile Boards with BIOS firmware DQ35JO, DQ35MP, DP35DP, DG33FB, DG33BU, DG33TL, MGM965TW, D945GCPE, and DX38BT allows local administrators with ring 0 privileges to gain additional privileges and modify code that is running in System Management Mode, or access hypervisory memory as demonstrated at Black Hat 2008 by accessing certain remapping registers in Xen 3.3.
26 CVE-2008-3900 200 +Info 2008-09-03 2009-01-29
2.1
None Local Low Not required Partial None None
Intel firmware PE94510M.86A.0050.2007.0710.1559 stores pre-boot authentication passwords in the BIOS Keyboard buffer and does not clear this buffer after use, which allows local users to obtain sensitive information by reading the physical memory locations associated with this buffer.
27 CVE-2008-3635 119 DoS Exec Code Overflow 2008-09-10 2008-11-15
9.3
Admin Remote Medium Not required Complete Complete Complete
Stack-based buffer overflow in QuickTimeInternetExtras.qtx in an unspecified third-party Indeo v3.2 (aka IV32) codec for QuickTime, when used with Apple QuickTime before 7.5.5 on Windows, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file.
28 CVE-2008-2707 264 DoS 2008-06-16 2008-09-10
7.8
None Remote Low Not required None None Complete
Unspecified vulnerability in the e1000g driver in Sun Solaris 10 and OpenSolaris before snv_93 allows remote attackers to cause a denial of service (network connectivity loss) via unknown vectors.
29 CVE-2007-5938 189 DoS 2007-12-06 2010-08-21
5.0
None Remote Low Not required None None Partial
The iwl_set_rate function in compatible/iwl3945-base.c in iwlwifi 1.1.21 and earlier dereferences an iwl_get_hw_mode return value without checking for NULL, which might allow remote attackers to cause a denial of service (kernel panic) via unspecified vectors during module initialization.
30 CVE-2007-1307 2007-03-06 2008-11-15
10.0
None Remote Low Not required Complete Complete Complete
Unspecified vulnerability in Lenovo Intel PRO/1000 LAN adapter before Build 135400, as used on IBM Lenovo ThinkPad systems, has unknown impact and attack vectors.
31 CVE-2007-0686 DoS Mem. Corr. 2007-02-02 2008-11-13
7.1
None Remote Medium Not required None None Complete
The Intel 2200BG 802.11 Wireless Mini-PCI driver 9.0.3.9 (w29n51.sys) allows remote attackers to cause a denial of service (system crash) via crafted disassociation packets, which triggers memory corruption of "internal kernel structures," a different vulnerability than CVE-2006-6651. NOTE: this issue might overlap CVE-2006-3992.
32 CVE-2007-0661 DoS 2007-02-01 2008-11-13
5.4
None Local Network Medium Not required Partial Partial Partial
Intel Enterprise Southbridge 2 Baseboard Management Controller (BMC), Intel Server Boards 5000XAL, S5000PAL, S5000PSL, S5000XVN, S5000VCL, S5000VSA, SC5400RA, and OEM Firmware for Intel Enterprise Southbridge Baseboard Management Controller before 20070119, when Intelligent Platform Management Interface (IPMI) is enabled, allow remote attackers to connect and issue arbitrary IPMI commands, possibly triggering a denial of service.
33 CVE-2006-7215 2007-07-03 2008-09-05
2.1
None Local Low Not required None None Partial
The Intel Core 2 Extreme processor X6800 and Core 2 Duo desktop processor E6000 and E4000 incorrectly set the memory page Access (A) bit for a page in certain circumstances involving proximity of the code segment limit to the end of a code page, which has unknown impact and attack vectors on certain operating systems other than OpenBSD, aka AI90.
34 CVE-2006-6651 Exec Code Mem. Corr. 2006-12-19 2008-09-05
6.8
User Remote Medium Not required Partial Partial Partial
Race condition in W29N51.SYS in the Intel 2200BG wireless driver 9.0.3.9 allows remote attackers to cause memory corruption and execute arbitrary code via a series of crafted beacon frames. NOTE: some details are obtained solely from third party information.
35 CVE-2006-6385 Exec Code Overflow 2006-12-07 2008-09-05
7.2
Admin Local Low Not required Complete Complete Complete
Stack-based buffer overflow in Intel PRO 10/100, PRO/1000, and PRO/10GbE PCI, PCI-X, and PCIe network adapter drivers (aka NDIS miniport drivers) before 20061205 allows local users to execute arbitrary code with "kernel-level" privileges via an incorrect function call in certain OID handlers.
36 CVE-2006-4022 Exec Code 2006-08-08 2008-09-05
4.6
User Local Low Not required Partial Partial Partial
Intel 2100 PRO/Wireless Network Connection driver PROSet before 7.1.4.6 allows local users to corrupt memory and execute code via "requests for capabilities from higher-level protocol drivers or user-level applications" involving crafted frames, a different issue than CVE-2006-3992.
37 CVE-2006-3992 Exec Code Mem. Corr. 2006-08-04 2008-09-05
5.1
User Remote High Not required Partial Partial Partial
Unspecified vulnerability in the Centrino (1) w22n50.sys, (2) w22n51.sys, (3) w29n50.sys, and (4) w29n51.sys Microsoft Windows drivers for Intel 2200BG and 2915ABG PRO/Wireless Network Connection before 10.5 with driver 9.0.4.16 allows remote attackers to execute arbitrary code via certain frames that trigger memory corruption.
38 CVE-2006-2316 DoS 2006-05-11 2008-09-05
4.9
None Local Low Not required Complete None None
S24EvMon.exe in the Intel PROset/Wireless software, possibly 10.1.0.33, uses a S24EventManagerSharedMemory shared memory section with weak permissions, which allows local users to read or modify passwords or other data, or cause a denial of service.
39 CVE-2006-0081 DoS 2006-01-04 2008-09-05
7.8
None Remote Low Not required None None Complete
ialmnt5.sys in the ialmrnt5 display driver in Intel Graphics Accelerator Driver 6.14.10.4308 allows attackers to cause a denial of service (crash or screen resolution change) via a long text field, as demonstrated using a long window title.
40 CVE-2005-4625 DoS 2005-12-31 2012-10-18
7.1
None Remote Medium Not required None None Complete
Drivers for certain display adapters, including (1) an unspecified ATI driver and (2) an unspecified Intel driver, might allow remote attackers to cause a denial of service (system crash) via a large JPEG image, as demonstrated in Internet Explorer using stoopid.jpg with a width and height of 9999999.
41 CVE-2004-2600 +Info 2004-12-31 2008-09-05
5.0
None Remote Low Not required Partial None None
The firmware for Intelligent Platform Management Interface (IPMI) 1.5-based Intel Server Boards and Platforms is shipped with an Authentication Type Enables parameter set to an invalid None parameter, which allows remote attackers to obtain sensitive information when LAN management functionality is enabled.
42 CVE-2003-0859 DoS 2003-12-15 2010-08-21
4.9
None Local Low Not required None None Complete
The getifaddrs function in GNU libc (glibc) 2.2.4 and earlier allows local users to cause a denial of service by sending spoofed messages as other users to the kernel netlink interface.
43 CVE-2002-2059 2002-12-31 2008-09-05
4.6
None Local Low Not required Partial Partial Partial
BIOS D845BG, D845HV, D845PT and D845WN on Intel motherboards does not properly restrict access to configuration information when BIOS passwords are enabled, which could allow local users to change the default boot device via the F8 key.
44 CVE-2002-0214 2002-05-16 2008-09-10
2.1
None Local Low Not required Partial None None
Compaq Intel PRO/Wireless 2011B LAN USB Device Driver 1.5.16.0 through 1.5.18.0 stores the 128-bit WEP (Wired Equivalent Privacy) key in plaintext in a registry key with weak permissions, which allows local users to decrypt network traffic by reading the WEP key from the registry key.
45 CVE-2001-1520 2001-12-31 2008-09-05
2.1
None Local Low Not required Partial None None
Xircom REX 6000 allows local users to obtain the 10 digit PIN by starting a serial monitor, connecting to the personal digital assistant (PDA) via Rextools, and capturing the cleartext PIN.
46 CVE-2001-0903 2001-11-20 2008-09-05
7.5
User Remote Low Not required Partial Partial Partial
Linear key exchange process in High-bandwidth Digital Content Protection (HDCP) System allows remote attackers to access data as plaintext, avoid device blacklists, clone devices, and create new device keyvectors by computing and using alternate key combinations for authentication.
47 CVE-2000-0989 DoS Exec Code Overflow 2000-12-19 2008-09-10
5.0
None Remote Low Not required None None Partial
Buffer overflow in Intel InBusiness eMail Station 1.04.87 POP service allows remote attackers to cause a denial of service and possibly execute commands via a long username.
48 CVE-2000-0882 DoS 2000-11-14 2008-09-05
5.0
None Remote Low Not required None None Partial
Intel Express 500 series switches allow a remote attacker to cause a denial of service via a malformed ICMP packet, which causes the CPU to crash.
49 CVE-2000-0764 DoS 2000-10-20 2008-09-05
5.0
None Remote Low Not required None None Partial
Intel Express 500 series switches allow a remote attacker to cause a denial of service via a malformed IP packet.
50 CVE-2000-0516 2000-06-06 2008-09-10
7.2
Admin Local Low Not required Complete Complete Complete
When configured to store configuration information in an LDAP directory, Shiva Access Manager 5.0.0 stores the root DN (Distinguished Name) name and password in cleartext in a file that is world readable, which allows local users to compromise the LDAP server.
Total number of vulnerabilities : 55   Page : 1 (This Page)2
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.