CVE - CVE-2006-4655

CVE-ID
CVE-2006-4655	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
Buffer overflow in the Strcmp function in the XKEYBOARD extension in X Window System X11R6.4 and earlier, as used in SCO UnixWare 7.1.3 and Sun Solaris 8 through 10, allows local users to gain privileges via a long _XKB_CHARSET environment variable value.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
BID:19905 URL:http://www.securityfocus.com/bid/19905 BUGTRAQ:20060908 [RISE-2006001] X11R6 XKEYBOARD extension Strcmp() buffer overflow URL:http://www.securityfocus.com/archive/1/445579/100/0/threaded CONFIRM:http://support.avaya.com/elmodocs2/security/ASA-2006-195.htm MISC:http://www.risesecurity.org/advisory/RISE-2006001.txt OVAL:oval:org.mitre.oval:def:1798 URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1798 SECTRACK:1016806 URL:http://securitytracker.com/id?1016806 SECUNIA:21815 URL:http://secunia.com/advisories/21815 SECUNIA:21845 URL:http://secunia.com/advisories/21845 SECUNIA:21856 URL:http://secunia.com/advisories/21856 SECUNIA:21993 URL:http://secunia.com/advisories/21993 SREASON:1545 URL:http://securityreason.com/securityalert/1545 SUNALERT:102570 URL:http://sunsolve.sun.com/search/document.do?assetkey=1-26-102570-1 VUPEN:ADV-2006-3525 URL:http://www.vupen.com/english/advisories/2006/3525 VUPEN:ADV-2006-3529 URL:http://www.vupen.com/english/advisories/2006/3529 XF:xorg-libx11-xkeyboard-bo(28820) URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/28820
Assigning CNA
MITRE Corporation
Date Record Created
20060908	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20060908)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is a record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)