Vulnerability Description
Multiple buffer overflows in the checkscores function in scores.c in tetris-bsd in bsd-games before 2.17-r1 in Gentoo Linux might allow local users with games group membership to gain privileges by modifying tetris-bsd.scores to contain crafted executable content, which is executed when another user launches tetris-bsd.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Bsd-Games | Tetris-Bsd | gold |
References
- http://bugs.gentoo.org/show_bug.cgi?id=122399Patch
- http://secunia.com/advisories/19442
- http://www.gentoo.org/security/en/glsa/glsa-200603-26.xmlPatchVendor Advisory
- http://www.osvdb.org/24261
- http://www.securityfocus.com/bid/17308Patch
- https://exchange.xforce.ibmcloud.com/vulnerabilities/25611
- http://bugs.gentoo.org/show_bug.cgi?id=122399Patch
- http://secunia.com/advisories/19442
- http://www.gentoo.org/security/en/glsa/glsa-200603-26.xmlPatchVendor Advisory
- http://www.osvdb.org/24261
- http://www.securityfocus.com/bid/17308Patch
- https://exchange.xforce.ibmcloud.com/vulnerabilities/25611
FAQ
What is CVE-2006-1539?
CVE-2006-1539 is a vulnerability with a CVSS score of 7.5 (HIGH). Multiple buffer overflows in the checkscores function in scores.c in tetris-bsd in bsd-games before 2.17-r1 in Gentoo Linux might allow local users with games group membership to gain privileges by mo...
How severe is CVE-2006-1539?
CVE-2006-1539 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2006-1539?
Check the references section above for vendor advisories and patch information. Affected products include: Bsd-Games Tetris-Bsd.