Vulnerability Details : CVE-2006-4172
Integer overflow vulnerability in the i386_set_ldt call in FreeBSD 5.5, and possibly earlier versions down to 5.2, allows local users to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2006-4178.
Vulnerability category: OverflowExecute codeDenial of service
Products affected by CVE-2006-4172
- cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:5.2:*:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:5.2.1:*:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:5.4:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2006-4172
0.06%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 23 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2006-4172
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
7.2
|
HIGH | AV:L/AC:L/Au:N/C:C/I:C/A:C |
3.9
|
10.0
|
NIST |
References for CVE-2006-4172
-
http://www.idefense.com/intelligence/vulnerabilities/display.php?id=414
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/29132
-
http://securitytracker.com/id?1016928
-
http://securitytracker.com/id?1016926
-
http://www.securityfocus.com/bid/20158
-
http://archives.neohapsis.com/archives/bugtraq/2006-09/0376.html
-
http://www.securityfocus.com/archive/1/446945/100/0/threaded
Jump to