VAR-200601-0231
Vulnerability from variot - Updated: 2025-04-03 22:26ialmnt5.sys in the ialmrnt5 display driver in Intel Graphics Accelerator Driver 6.14.10.4308 allows attackers to cause a denial of service (crash or screen resolution change) via a long text field, as demonstrated using a long window title. This issue allows attackers to crash the display manager on Microsoft Windows XP, or cause a complete system crash on computers running Microsoft Windows 2000. Other operating systems where the affected display driver is available are also likely affected. Version 6.14.10.4308 of the Intel Graphics Accelerator driver is considered vulnerable to this issue. Other versions may also be affected. This issue will be updated as further information becomes available. This issue may be related to the one described in BID 10913 (Microsoft Windows Large Image Processing Remote Denial Of Service Vulnerability), but this has not been confirmed. Attempting to parse very long text in Mozilla Firefox triggers a buffer overflow that crashes the Windows Display Manager. This can potentially be exploited to cause a DoS e.g. by tricking a user to open a window to an overly long URL with the browser.
Successful exploitation may cause the system to restart or cause the system to revert to a low resolution display mode.
The vulnerability has been confirmed in version 6.14.10.4308.
SOLUTION: Do not visit non-trusted websites or open non-trusted files.
PROVIDED AND/OR DISCOVERED BY: $um$id
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200601-0231",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "graphics accelerator driver",
"scope": "eq",
"trust": 1.6,
"vendor": "intel",
"version": "6.14.10.4308"
},
{
"model": "graphics driver",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "6.14.10.4308"
},
{
"model": "graphics driver",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "0"
}
],
"sources": [
{
"db": "BID",
"id": "16127"
},
{
"db": "CNNVD",
"id": "CNNVD-200601-017"
},
{
"db": "NVD",
"id": "CVE-2006-0081"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Casiamo casiamo@gmail.com Sumit Siddharth sumit.siddharth@gmail.com",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200601-017"
}
],
"trust": 0.6
},
"cve": "CVE-2006-0081",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2006-0081",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-16189",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2006-0081",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-200601-017",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-16189",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-16189"
},
{
"db": "CNNVD",
"id": "CNNVD-200601-017"
},
{
"db": "NVD",
"id": "CVE-2006-0081"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "ialmnt5.sys in the ialmrnt5 display driver in Intel Graphics Accelerator Driver 6.14.10.4308 allows attackers to cause a denial of service (crash or screen resolution change) via a long text field, as demonstrated using a long window title. \nThis issue allows attackers to crash the display manager on Microsoft Windows XP, or cause a complete system crash on computers running Microsoft Windows 2000. Other operating systems where the affected display driver is available are also likely affected. \nVersion 6.14.10.4308 of the Intel Graphics Accelerator driver is considered vulnerable to this issue. Other versions may also be affected. \nThis issue will be updated as further information becomes available. This issue may be related to the one described in BID 10913 (Microsoft Windows Large Image Processing Remote Denial Of Service Vulnerability), but this has not been confirmed. Attempting to parse very long text in Mozilla Firefox triggers a buffer overflow that crashes the Windows Display Manager. This can\npotentially be exploited to cause a DoS e.g. by tricking a user to\nopen a window to an overly long URL with the browser. \n\nSuccessful exploitation may cause the system to restart or cause the\nsystem to revert to a low resolution display mode. \n\nThe vulnerability has been confirmed in version 6.14.10.4308. \n\nSOLUTION:\nDo not visit non-trusted websites or open non-trusted files. \n\nPROVIDED AND/OR DISCOVERED BY:\n$um$id\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2006-0081"
},
{
"db": "BID",
"id": "16127"
},
{
"db": "VULHUB",
"id": "VHN-16189"
},
{
"db": "PACKETSTORM",
"id": "42758"
}
],
"trust": 1.35
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "16127",
"trust": 2.0
},
{
"db": "SECUNIA",
"id": "18286",
"trust": 1.8
},
{
"db": "NVD",
"id": "CVE-2006-0081",
"trust": 1.7
},
{
"db": "OSVDB",
"id": "22196",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2006-0017",
"trust": 1.7
},
{
"db": "CNNVD",
"id": "CNNVD-200601-017",
"trust": 0.7
},
{
"db": "FULLDISC",
"id": "20060102 BUFFER OVERFLOW VULNERABILITY IN WINDOWS DISPLAY MANAGER [SUSPECTED]",
"trust": 0.6
},
{
"db": "FULLDISC",
"id": "20060103 RE: [FULL-DISCLOSURE] BUFFER OVERFLOW VULNERABILITY IN WINDOWS DISPLAY MANAGER [SUSPECTED]",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-16189",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "42758",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-16189"
},
{
"db": "BID",
"id": "16127"
},
{
"db": "PACKETSTORM",
"id": "42758"
},
{
"db": "CNNVD",
"id": "CNNVD-200601-017"
},
{
"db": "NVD",
"id": "CVE-2006-0081"
}
]
},
"id": "VAR-200601-0231",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-16189"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-03T22:26:05.512000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-399",
"trust": 1.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-16189"
},
{
"db": "NVD",
"id": "CVE-2006-0081"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/16127"
},
{
"trust": 1.7,
"url": "http://www.osvdb.org/22196"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/18286"
},
{
"trust": 1.1,
"url": "http://seclists.org/fulldisclosure/2006/jan/8"
},
{
"trust": 1.1,
"url": "http://seclists.org/fulldisclosure/2006/jan/32"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2006/0017"
},
{
"trust": 0.6,
"url": "http://www.frsirt.com/english/advisories/2006/0017"
},
{
"trust": 0.6,
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-01/0029.html"
},
{
"trust": 0.6,
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-01/0003.html"
},
{
"trust": 0.3,
"url": "http://support.intel.com/support/graphics/"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/6734/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/18286/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/about_secunia_advisories/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-16189"
},
{
"db": "BID",
"id": "16127"
},
{
"db": "PACKETSTORM",
"id": "42758"
},
{
"db": "CNNVD",
"id": "CNNVD-200601-017"
},
{
"db": "NVD",
"id": "CVE-2006-0081"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-16189"
},
{
"db": "BID",
"id": "16127"
},
{
"db": "PACKETSTORM",
"id": "42758"
},
{
"db": "CNNVD",
"id": "CNNVD-200601-017"
},
{
"db": "NVD",
"id": "CVE-2006-0081"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2006-01-04T00:00:00",
"db": "VULHUB",
"id": "VHN-16189"
},
{
"date": "2006-01-03T00:00:00",
"db": "BID",
"id": "16127"
},
{
"date": "2006-01-04T04:21:16",
"db": "PACKETSTORM",
"id": "42758"
},
{
"date": "2006-01-04T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200601-017"
},
{
"date": "2006-01-04T06:03:00",
"db": "NVD",
"id": "CVE-2006-0081"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-12-20T00:00:00",
"db": "VULHUB",
"id": "VHN-16189"
},
{
"date": "2006-01-10T23:31:00",
"db": "BID",
"id": "16127"
},
{
"date": "2006-05-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200601-017"
},
{
"date": "2025-04-03T01:03:51.193000",
"db": "NVD",
"id": "CVE-2006-0081"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200601-017"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Intel Graphics Accelerator Drives Remote Denial of Service Vulnerability",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200601-017"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200601-017"
}
],
"trust": 0.6
}
}
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.