{"api_version":"1","generated_at":"2026-05-03T03:49:46+00:00","cve":"CVE-2005-1036","urls":{"html":"https://cve.report/CVE-2005-1036","api":"https://cve.report/api/cve/CVE-2005-1036.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2005-1036","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2005-1036"},"summary":{"title":"CVE-2005-1036","description":"FreeBSD 5.x to 5.4 on AMD64 does not properly initialize the IO permission bitmap used to allow user access to certain hardware, which allows local users to bypass intended access restrictions to cause a denial of service, obtain sensitive information, and possibly gain privileges.","state":"PUBLISHED","assigner":"mitre","published_at":"2005-05-02 04:00:00","updated_at":"2025-04-03 01:03:51"},"problem_types":["CWE-909","n/a"],"metrics":[{"version":"3.1","source":"nvd@nist.gov","type":"Primary","score":"7.8","severity":"HIGH","vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","data":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"}},{"version":"2.0","source":"nvd@nist.gov","type":"Primary","score":"7.2","severity":"","vector":"AV:L/AC:L/Au:N/C:C/I:C/A:C","data":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:C/I:C/A:C","baseScore":7.2,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"}}],"references":[{"url":"ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:03.amd64.asc","name":"ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:03.amd64.asc","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link"],"title":"","mime":"text/plain","httpstatus":"404","archivestatus":"404"},{"url":"https://www.cve.org/CVERecord?id=CVE-2005-1036","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2005-1036","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"n/a","product":"n/a","version":"affected n/a","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2005","cve_id":"1036","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"amd","cpe5":"amd64","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2005","cve_id":"1036","vulnerable":"1","versionEndIncluding":"5.4","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"freebsd","cpe5":"freebsd","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"providerMetadata":{"dateUpdated":"2024-08-07T21:35:59.945Z","orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE"},"references":[{"name":"FreeBSD-SA-05:03","tags":["vendor-advisory","x_refsource_FREEBSD","x_transferred"],"url":"ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:03.amd64.asc"}],"title":"CVE Program Container"}],"cna":{"affected":[{"product":"n/a","vendor":"n/a","versions":[{"status":"affected","version":"n/a"}]}],"descriptions":[{"lang":"en","value":"FreeBSD 5.x to 5.4 on AMD64 does not properly initialize the IO permission bitmap used to allow user access to certain hardware, which allows local users to bypass intended access restrictions to cause a denial of service, obtain sensitive information, and possibly gain privileges."}],"problemTypes":[{"descriptions":[{"description":"n/a","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2005-04-10T04:00:00.000Z","orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre"},"references":[{"name":"FreeBSD-SA-05:03","tags":["vendor-advisory","x_refsource_FREEBSD"],"url":"ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:03.amd64.asc"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-2005-1036","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"FreeBSD 5.x to 5.4 on AMD64 does not properly initialize the IO permission bitmap used to allow user access to certain hardware, which allows local users to bypass intended access restrictions to cause a denial of service, obtain sensitive information, and possibly gain privileges."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"FreeBSD-SA-05:03","refsource":"FREEBSD","url":"ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:03.amd64.asc"}]}}}},"cveMetadata":{"assignerOrgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","assignerShortName":"mitre","cveId":"CVE-2005-1036","datePublished":"2005-04-10T04:00:00.000Z","dateReserved":"2005-04-10T00:00:00.000Z","dateUpdated":"2024-09-16T18:24:18.833Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"},"nvd":{"publishedDate":"2005-05-02 04:00:00","lastModifiedDate":"2025-04-03 01:03:51","problem_types":["CWE-909","n/a"],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:C/I:C/A:C","baseScore":7.2,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":3.9,"impactScore":10,"acInsufInfo":false,"obtainAllPrivilege":true,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*","versionStartIncluding":"5.0","versionEndIncluding":"5.4","matchCriteriaId":"4C8FBB70-DF79-4618-8ED3-1167562CB997"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:amd:amd64:-:*:*:*:*:*:*:*","matchCriteriaId":"7145CF8C-9447-430F-BF8A-9B061F6E24C9"}]}]}]},"legacy_mitre":{"record":{"CveYear":"2005","CveId":"1036","Ordinal":"1","Title":"CVE-2005-1036","CVE":"CVE-2005-1036","Year":"2005"},"notes":[{"CveYear":"2005","CveId":"1036","Ordinal":"1","NoteData":"FreeBSD 5.x to 5.4 on AMD64 does not properly initialize the IO permission bitmap used to allow user access to certain hardware, which allows local users to bypass intended access restrictions to cause a denial of service, obtain sensitive information, and possibly gain privileges.","Type":"Description","Title":"CVE-2005-1036"},{"CveYear":"2005","CveId":"1036","Ordinal":"2","NoteData":"2005-04-10","Type":"Other","Title":"Published"}]}}}