CVE-2006-2935

Scores

EPSS

0.000none0.0%

0%20%40%60%80%100%

Percentile: 0.0%

CVSS

4.6medium2.0

0246810

CVSS Score: 4.6/10

All CVSS Scores

CVSS 2.0

4.6

Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P

Description

The dvd_read_bca function in the DVD handling code in drivers/cdrom/cdrom.c in Linux kernel 2.2.16, and later versions, assigns the wrong value to a length variable, which allows local users to execute arbitrary code via a crafted USB Storage device that triggers a buffer overflow.

Scaner-VS 7 — a modern vulnerability management solution

Uses this database for vulnerability detection. High-speed search, cross-platform, advanced configuration audit, and flexible filtering. Suitable for organizations of any size.

Learn more about Scaner-VS 7

Sources

debiannvd

CWEs

CWE-120

Related Vulnerabilities

BDU:2015-03499 BDU:2015-04819 BDU:2015-04820 BDU:2015-04821 BDU:2015-04822 BDU:2015-04823 BDU:2015-04824 BDU:2015-04825 BDU:2015-04826 BDU:2015-04827 BDU:2015-04828 BDU:2015-04829 BDU:2015-04830 BDU:2015-04831 BDU:2015-04832 BDU:2015-04833 BDU:2015-04834 BDU:2015-04835 BDU:2015-04836 BDU:2015-04837 BDU:2015-04838 BDU:2015-04839 BDU:2015-04840 BDU:2015-04841 BDU:2015-04842 BDU:2015-04843 BDU:2015-04844 BDU:2015-04845 BDU:2015-04846 BDU:2015-04847 BDU:2015-04848 BDU:2015-04849 BDU:2015-04850 BDU:2015-04851 BDU:2015-04852 BDU:2015-04853 BDU:2015-04854 BDU:2015-04855 BDU:2015-04856 BDU:2015-04857 BDU:2015-04858 BDU:2015-04859 BDU:2015-04860 BDU:2015-04861 BDU:2015-04862 BDU:2015-04863 BDU:2015-04864 BDU:2015-04865 BDU:2015-04866 BDU:2015-04867 BDU:2015-04868 BDU:2015-04869 BDU:2015-04870 BDU:2015-04871 BDU:2015-04872 BDU:2015-04873 BDU:2015-04874 BDU:2015-04875 BDU:2015-04876 BDU:2015-04877 BDU:2015-04878 BDU:2015-04879

Vulnerable Software (4)

Type: Configuration

Product: linux-2.6

Operating System: debian

Trait:

{  "fixed": "2.6.17-5"}

Source: debian

Type: Configuration

Vendor: canonical

Product: ubuntu_linux

Operating System: * * *

Trait:

{  "cpe_match": [    {      "cpe23uri": "cpe:2.3:o:canonical:ubuntu_linux:5.04:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:canonical:ubuntu_linux:5.10:*:*:*:*...

{  "cpe_match": [    {      "cpe23uri": "cpe:2.3:o:canonical:ubuntu_linux:5.04:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:canonical:ubuntu_linux:5.10:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*",      "vulnerable": true    }  ],  "operator": "OR"}

Source: nvd

Type: Configuration

Vendor: debian

Product: debian_linux

Operating System: * * *

Trait:

{  "cpe_match": [    {      "cpe23uri": "cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*",      "vulnerable": true    }  ],  "operator": "OR"}

Source: nvd

Type: Configuration

Vendor: linux

Product: linux_kernel

Operating System: * * *

Trait:

{  "cpe_match": [    {      "cpe23uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",      "versionEndIncluding": "2.16.16",      "versionStartIncluding": "2.2.16",      "vulnerable": true   ...

{  "cpe_match": [    {      "cpe23uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",      "versionEndIncluding": "2.16.16",      "versionStartIncluding": "2.2.16",      "vulnerable": true    }  ],  "operator": "OR"}

Source: nvd

Russian Vulnerability Scanner Database

CVE-2006-2935

Scores

EPSS

CVSS

All CVSS Scores

Vector Breakdown

CVSS

Attack Vector

Attack Complexity

Authentication

Confidentiality Impact

Integrity Impact

Availability Impact

Description

Scaner-VS 7 — a modern vulnerability management solution

Sources

CWEs

Related Vulnerabilities

Vulnerable Software (4)