[Forgot Password]
Login  Register Subscribe

30430

 
 

423868

 
 

247974

 
 

909

 
 

194654

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2007-5093Date: (C)2007-09-26   (M)2023-12-22


The disconnect method in the Philips USB Webcam (pwc) driver in Linux kernel 2.6.x before 2.6.22.6 "relies on user space to close the device," which allows user-assisted local attackers to cause a denial of service (USB subsystem hang and CPU consumption in khubd) by not closing the device after the disconnect is invoked. NOTE: this rarely crosses privilege boundaries, unless the attacker can convince the victim to unplug the affected device.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 4.0
Exploit Score: 1.9
Impact Score: 6.9
 
CVSS V2 Metrics:
Access Vector: LOCAL
Access Complexity: HIGH
Authentication: NONE
Confidentiality: NONE
Integrity: NONE
Availability: COMPLETE
  
Reference:
http://marc.info/?l=linux-kernel&m=118873457814808&w=2
http://marc.info/?l=linux-kernel&m=118880154122548&w=2
BID-25504
SECUNIA-26994
SECUNIA-28170
SECUNIA-28706
SECUNIA-28971
SECUNIA-29058
SECUNIA-30294
SECUNIA-32799
DSA-1381
DSA-1503
DSA-1504
MDVSA-2008:008
MDVSA-2008:105
RHSA-2008:0275
RHSA-2008:0972
USN-558-1
USN-574-1
USN-578-1
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.22.6
oval:org.mitre.oval:def:10494

CPE    186
cpe:/o:linux:linux_kernel:2.6.20.11
cpe:/o:linux:linux_kernel:2.6.20.12
cpe:/o:linux:linux_kernel:2.6.20.13
cpe:/o:linux:linux_kernel:2.6.20.14
...
CWE    1
CWE-399
OVAL    3
oval:org.mitre.oval:def:8130
oval:org.mitre.oval:def:8063
oval:org.secpod.oval:def:301365

© SecPod Technologies