CVE-2006-1390

{"id": "CVE-2006-1390", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.6, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": true, "userInteractionRequired": false}]}, "published": "2006-03-25T00:06:00.000", "references": [{"url": "http://bugs.gentoo.org/show_bug.cgi?id=122376", "tags": ["Exploit"], "source": "cve@mitre.org"}, {"url": "http://bugs.gentoo.org/show_bug.cgi?id=125902", "tags": ["Exploit"], "source": "cve@mitre.org"}, {"url": "http://bugs.gentoo.org/show_bug.cgi?id=127167", "source": "cve@mitre.org"}, {"url": "http://bugs.gentoo.org/show_bug.cgi?id=127319", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/19376", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.gentoo.org/security/en/glsa/glsa-200603-23.xml", "tags": ["Patch"], "source": "cve@mitre.org"}, {"url": "http://www.osvdb.org/24104", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/archive/1/428739/100/0/threaded", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/archive/1/428743/100/0/threaded", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/17217", "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25528", "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "The configuration of NetHack 3.4.3-r1 and earlier, Falcon's Eye 1.9.4a and earlier, and Slash'EM 0.0.760 and earlier on Gentoo Linux allows local users in the games group to modify saved games files to execute arbitrary code via buffer overflows and overwrite arbitrary files via symlink attacks."}], "lastModified": "2018-10-18T16:32:26.747", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:gentoo:linux:0.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "980553F2-8662-47CF-95F0-645141746AEA"}, {"criteria": "cpe:2.3:o:gentoo:linux:0.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "40EBF1CD-B392-4262-8F06-2C784ADAF0F0"}, {"criteria": "cpe:2.3:o:gentoo:linux:1.1a:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9C00F84A-FCD4-4935-B7DE-ECBA6AE9B074"}, {"criteria": "cpe:2.3:o:gentoo:linux:1.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "960DC6C2-B285-41D4-96F7-ED97F8BD5482"}, {"criteria": "cpe:2.3:o:gentoo:linux:1.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "65ED9D8C-604D-4B0B-A192-C0DA4D2E9AEB"}, {"criteria": "cpe:2.3:o:gentoo:linux:1.4:rc1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D1FD0EB4-E744-4465-AFEE-A3C807C9C993"}, {"criteria": "cpe:2.3:o:gentoo:linux:1.4:rc2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1D866A7D-F0B9-4EA3-93C6-1E7C2C2A861F"}, {"criteria": "cpe:2.3:o:gentoo:linux:1.4:rc3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "57772E3B-893C-408A-AA3B-78C972ED4D5E"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org", "evaluatorSolution": "This vulnerability applies only to the following games/versions: \r\n1) NetHack 3.4.3-r1 and previous \r\n2) Falcon's Eye 1.9.4a and previous \r\n3) Slash'EM 0.0.760 and previous"}