On 11/7/06, Raphael Marichez <[EMAIL PROTECTED]> wrote: > - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - > Gentoo Linux Security Advisory GLSA 200611-03 > - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - > http://security.gentoo.org/ > - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - > > Severity: High > Title: NVIDIA binary graphics driver: Privilege escalation > vulnerability > Date: November 07, 2006 > Bugs: #151635 > ID: 200611-03 > > - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - > > Synopsis > ======== > > The NVIDIA binary graphics driver is vulnerable to a local privilege > escalation [snip]
> An X client could trigger the buffer overflow with a maliciously > crafted series of glyphs. A remote attacker could also entice a user to > open a specially crafted web page, document or X client that will > trigger the buffer overflow. um ... doesn't that make it a *remote* privilege escalation ? Cheers, Nick Boyce -- The reason why worry kills more people than work is that more people worry than work _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
