CVE-2007-0005

Published Mar 10, 2007

Last updated a month ago

CVSS info 6.9

Overview

Description: Multiple buffer overflows in the (1) read and (2) write handlers in the Omnikey CardMan 4040 driver in the Linux kernel before 2.6.21-rc3 allow local users to gain privileges.
Source: secalert@redhat.com
NVD status: Deferred

Risk scores

CVSS 2.0

Type: Primary
Base score: 6.9
Impact score: 10
Exploitability score: 3.4
Vector string: AV:L/AC:M/Au:N/C:C/I:C/A:C

Weaknesses

nvd@nist.gov: CWE-119

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:rc2:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "47F56C42-6A77-425E-9C12-3841EE497C95",
            "versionEndIncluding": "2.6.21"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.21:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "50B422D1-6C6E-4359-A169-3EED78A1CF40"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.21:rc1:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "08A6E33E-5847-45DA-B9C9-79A7C5C877D6"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.21.1:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "6AD2E9DC-2876-4515-BCE6-DDD0CC6A5708"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.21.2:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "A2F19064-CFBF-4B3C-A0A1-CE62265CD592"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.21.3:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "AD3F0CEC-B8FA-47E3-BA3E-182F43D3DA86"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.21.4:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "AB759752-DC19-4750-838B-056063EFDC5F"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.21.5:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "96A43C95-8569-40BE-9E5B-F9B3D0B9D188"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.21.6:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "ABD70B2B-9827-4DBB-B82D-0B70C2D4AB1F"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.21.7:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "99662904-E5E3-4E81-B199-39707EAEB652"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:omnikey.aaitg:omnikey_cardman_4040:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "77860C0B-02A7-40A4-AE39-8A1627F15383"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

References

Sources include official advisories and independent security research.

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References