Total
27 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2004-0084 | 2 Openbsd, Xfree86 Project | 2 Openbsd, X11r6 | 2024-02-04 | 10.0 HIGH | N/A |
Buffer overflow in the ReadFontAlias function in XFree86 4.1.0 to 4.3.0, when using the CopyISOLatin1Lowered function, allows local or remote authenticated users to execute arbitrary code via a malformed entry in the font alias (font.alias) file, a different vulnerability than CVE-2004-0083 and CVE-2004-0106. | |||||
CVE-2000-0504 | 3 Gnome, Open Group, Xfree86 Project | 3 Gdm, X, X11r6 | 2024-02-04 | 5.0 MEDIUM | N/A |
libICE in XFree86 allows remote attackers to cause a denial of service by specifying a large value which is not properly checked by the SKIP_STRING macro. | |||||
CVE-2003-0071 | 1 Xfree86 Project | 1 X11r6 | 2024-02-04 | 2.1 LOW | N/A |
The DEC UDK processing feature in the xterm terminal emulator in XFree86 4.2.99.4 and earlier allows attackers to cause a denial of service via a certain character escape sequence that causes the terminal to enter a tight loop. | |||||
CVE-2001-1179 | 1 Xfree86 Project | 1 X11r6 | 2024-02-04 | 7.2 HIGH | N/A |
xman allows local users to gain privileges by modifying the MANPATH to point to a man page whose filename contains shell metacharacters. | |||||
CVE-1999-0241 | 3 Sgi, Sun, Xfree86 Project | 4 Irix, Solaris, Sunos and 1 more | 2024-02-04 | 10.0 HIGH | N/A |
Guessable magic cookies in X Windows allows remote attackers to execute commands, e.g. through xterm. | |||||
CVE-2004-0106 | 2 Openbsd, Xfree86 Project | 2 Openbsd, X11r6 | 2024-02-04 | 7.2 HIGH | N/A |
Multiple unknown vulnerabilities in XFree86 4.1.0 to 4.3.0, related to improper handling of font files, a different set of vulnerabilities than CVE-2004-0083 and CVE-2004-0084. | |||||
CVE-2004-0083 | 2 Openbsd, Xfree86 Project | 2 Openbsd, X11r6 | 2024-02-04 | 10.0 HIGH | N/A |
Buffer overflow in ReadFontAlias from dirfile.c of XFree86 4.1.0 through 4.3.0 allows local users and remote attackers to execute arbitrary code via a font alias file (font.alias) with a long token, a different vulnerability than CVE-2004-0084 and CVE-2004-0106. |