[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [ GLSA 200611-03 ] NVIDIA binary graphics driver: Privilege escalation vulnerability

On 11/7/06, Raphael Marichez <suppressed> wrote:


- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory                           GLSA 200611-03
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
                                            http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

  Severity: High
     Title: NVIDIA binary graphics driver: Privilege escalation
            vulnerability
      Date: November 07, 2006
      Bugs: #151635
        ID: 200611-03

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

The NVIDIA binary graphics driver is vulnerable to a local privilege
escalation

[snip]


An X client could trigger the buffer overflow with a maliciously
crafted series of glyphs. A remote attacker could also entice a user to
open a specially crafted web page, document or X client that will
trigger the buffer overflow.


um ... doesn't that make it a *remote* privilege escalation ?

Cheers,
Nick Boyce
--
The reason why worry kills more people than work is that more people
worry than work

Mail converted by mhonarc 2.6.15
This archive provided courtesy of JSW4.NET, Internet Hosting Services for Small Business.