Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2005-1036

FreeBSD 5.x to 5.4 on AMD64 does not properly initialize the IO permission bitmap used to allow user access to certain hardware, which allows local users to bypass intended access restrictions to cause a denial of service, obtain sensitive information, and possibly gain privileges.

Published

2005-05-02T04:00:00.000

Last Modified

2025-04-03T01:03:51.193

Status

Deferred

Source

[email protected]

Severity

CVSSv3.1: 7.8 (HIGH)

CVSSv2 Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Access Vector: LOCAL
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE

Exploitability Score

3.9

Impact Score

10.0

Weaknesses

Type: Primary
CWE-909

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	freebsd	freebsd	≤ 5.4	Yes
Hardware	amd	amd64	-	No

References

ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:03.amd64.asc Broken Link ([email protected])
ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:03.amd64.asc Broken Link (af854a3a-2127-422b-91ae-364da2661108)