Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2006-4655

7 documents, 4 sources
Severity: 4.6 MEDIUM
EPSS: 0.6% (top 29.21%)
CISA KEV: Not in KEV
Exploit: PoC available
Timeline
Published: Sep 9
Latest update: May 1

Description

Buffer overflow in the Strcmp function in the XKEYBOARD extension in X Window System X11R6.4 and earlier, as used in SCO UnixWare 7.1.3 and Sun Solaris 8 through 10, allows local users to gain privileges via a long _XKB_CHARSET environment variable value.

CVSS vector

AV:L/AC:L/C:P/I:P/A:P
Exploitability: 3.9 | Impact: 6.4

Affected Packages (2 packages)

NVD: sun/solaris 10.0, 8.0, 9.0 (+2)
NVD: sco/unixware 7.1.3

🔴 Vulnerability Details (2)

GHSA, 2022-05-01: GHSA-2752-qr49-v2qw: Buffer overflow in the Strcmp function in the XKEYBOARD extension in X Window System X11R6
CVEList, 2006-09-09: CVE-2006-4655: Buffer overflow in the Strcmp function in the XKEYBOARD extension in X Window System X11R6

💥 Exploits & PoCs (4)

Exploit-DB, 2006-09-13: X11R6 < 6.4 XKEYBOARD (Solaris/SPARC) - Local Buffer Overflow (2)
Exploit-DB, 2006-09-08: X11R6 < 6.4 XKEYBOARD (solaris x86) - Local Buffer Overflow
Exploit-DB, 2006-09-08: X11R6 < 6.4 XKEYBOARD (sco x86) - Local Buffer Overflow
Exploit-DB, 2006-09-08: X11R6 < 6.4 XKEYBOARD (Solaris/SPARC) - Local Buffer Overflow (1)