Missing Initialization of Resource

CVE-2005-1036

High

7.8/10

Summary

FreeBSD 5.x to 5.4 on AMD64 does not properly initialize the IO permission bitmap used to allow user access to certain hardware, which allows local users to bypass intended access restrictions to cause a denial of service, obtain sensitive information, and possibly gain privileges.

Attack Complexity: LOW
Attack Vector: LOCAL
Integrity Impact: HIGH
Scope: UNCHANGED
User Interaction: NONE
Privileges Required: LOW
Confidentiality Impact: HIGH
Availability Impact: HIGH

CWE-909 - Missing Initialization of Resource

The software does not initialize a critical resource.

References

Advisory Timeline

Published May 02, 2005

Missing Initialization of Resource

CVE-2005-1036

Summary

CWE-909 - Missing Initialization of Resource

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS