Filtered by vendor Xfree86 Project
Subscribe
Total
39 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2004-0094 | 1 Xfree86 Project | 1 X11r6 | 2025-04-03 | 7.5 HIGH | N/A |
| Integer signedness errors in XFree86 4.1.0 allow remote attackers to cause a denial of service and possibly execute arbitrary code when using the GLX extension and Direct Rendering Infrastructure (DRI). | |||||
| CVE-2001-1178 | 1 Xfree86 Project | 1 X11r6 | 2025-04-03 | 7.2 HIGH | N/A |
| Buffer overflow in xman allows local users to gain privileges via a long MANPATH environment variable. | |||||
| CVE-2006-3740 | 2 X.org, Xfree86 Project | 2 X.org, Xfree86 X | 2025-04-03 | 7.2 HIGH | N/A |
| Integer overflow in the scan_cidfont function in X.Org 6.8.2 and XFree86 X server allows local users to execute arbitrary code via crafted (1) CMap and (2) CIDFont font data with modified item counts in the (a) begincodespacerange, (b) cidrange, and (c) notdefrange sections. | |||||
| CVE-2004-0687 | 4 Openbsd, Suse, X.org and 1 more | 4 Openbsd, Suse Linux, X11r6 and 1 more | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple stack-based buffer overflows in (1) xpmParseColors in parse.c, (2) ParseAndPutPixels in create.c, and (3) ParsePixels in parse.c for libXpm before 6.8.1 allow remote attackers to execute arbitrary code via a malformed XPM image file. | |||||
| CVE-2002-1317 | 4 Hp, Sgi, Sun and 1 more | 5 Hp-ux, Irix, Solaris and 2 more | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in Dispatch() routine for XFS font server (fs.auto) on Solaris 2.5.1 through 9 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a certain XFS query. | |||||
| CVE-2004-0419 | 3 Gentoo, X.org, Xfree86 Project | 3 Linux, X11r6, Xdm | 2025-04-03 | 7.5 HIGH | N/A |
| XDM in XFree86 opens a chooserFd TCP socket even when DisplayManager.requestPort is 0, which could allow remote attackers to connect to the port, in violation of the intended restrictions. | |||||
| CVE-2004-0084 | 2 Openbsd, Xfree86 Project | 2 Openbsd, X11r6 | 2025-04-03 | 10.0 HIGH | N/A |
| Buffer overflow in the ReadFontAlias function in XFree86 4.1.0 to 4.3.0, when using the CopyISOLatin1Lowered function, allows local or remote authenticated users to execute arbitrary code via a malformed entry in the font alias (font.alias) file, a different vulnerability than CVE-2004-0083 and CVE-2004-0106. | |||||
| CVE-2000-0504 | 3 Gnome, Open Group, Xfree86 Project | 3 Gdm, X, X11r6 | 2025-04-03 | 5.0 MEDIUM | N/A |
| libICE in XFree86 allows remote attackers to cause a denial of service by specifying a large value which is not properly checked by the SKIP_STRING macro. | |||||
| CVE-2006-3739 | 2 X.org, Xfree86 Project | 2 X.org, Xfree86 X | 2025-04-03 | 7.2 HIGH | N/A |
| Integer overflow in the CIDAFM function in X.Org 6.8.2 and XFree86 X server allows local users to execute arbitrary code via crafted Adobe Font Metrics (AFM) files with a modified number of character metrics (StartCharMetrics), which leads to a heap-based buffer overflow. | |||||
| CVE-2004-0914 | 6 Gentoo, Lesstif, Redhat and 3 more | 6 Linux, Lesstif, Fedora Core and 3 more | 2025-04-03 | 10.0 HIGH | N/A |
| Multiple vulnerabilities in libXpm for 6.8.1 and earlier, as used in XFree86 and other packages, include (1) multiple integer overflows, (2) out-of-bounds memory accesses, (3) directory traversal, (4) shell metacharacter, (5) endless loops, and (6) memory leaks, which could allow remote attackers to obtain sensitive information, cause a denial of service (application crash), or execute arbitrary code via a certain XPM image file. NOTE: it is highly likely that this candidate will be SPLIT into other candidates in the future, per CVE's content decisions. | |||||
| CVE-2003-0071 | 1 Xfree86 Project | 1 X11r6 | 2025-04-03 | 2.1 LOW | N/A |
| The DEC UDK processing feature in the xterm terminal emulator in XFree86 4.2.99.4 and earlier allows attackers to cause a denial of service via a certain character escape sequence that causes the terminal to enter a tight loop. | |||||
| CVE-2001-1179 | 1 Xfree86 Project | 1 X11r6 | 2025-04-03 | 7.2 HIGH | N/A |
| xman allows local users to gain privileges by modifying the MANPATH to point to a man page whose filename contains shell metacharacters. | |||||
| CVE-1999-0241 | 3 Sgi, Sun, Xfree86 Project | 4 Irix, Solaris, Sunos and 1 more | 2025-04-03 | 10.0 HIGH | N/A |
| Guessable magic cookies in X Windows allows remote attackers to execute commands, e.g. through xterm. | |||||
| CVE-2004-0106 | 2 Openbsd, Xfree86 Project | 2 Openbsd, X11r6 | 2025-04-03 | 7.2 HIGH | N/A |
| Multiple unknown vulnerabilities in XFree86 4.1.0 to 4.3.0, related to improper handling of font files, a different set of vulnerabilities than CVE-2004-0083 and CVE-2004-0084. | |||||
| CVE-2005-2495 | 1 Xfree86 Project | 1 Xfree86 | 2025-04-03 | 5.1 MEDIUM | N/A |
| Multiple integer overflows in XFree86 before 4.3.0 allow user-assisted attackers to execute arbitrary code via a crafted pixmap image. | |||||
| CVE-1999-0126 | 1 Xfree86 Project | 1 Xfree86 | 2025-04-03 | 7.2 HIGH | N/A |
| SGI IRIX buffer overflow in xterm and Xaw allows root access. | |||||
| CVE-2000-0476 | 4 Michael Jennings, Putty, Rxvt and 1 more | 4 Eterm, Putty, Rxvt and 1 more | 2025-04-03 | 5.0 MEDIUM | N/A |
| xterm, Eterm, and rxvt allow an attacker to cause a denial of service by embedding certain escape characters which force the window to be resized. | |||||
| CVE-2004-0083 | 2 Openbsd, Xfree86 Project | 2 Openbsd, X11r6 | 2025-04-03 | 10.0 HIGH | N/A |
| Buffer overflow in ReadFontAlias from dirfile.c of XFree86 4.1.0 through 4.3.0 allows local users and remote attackers to execute arbitrary code via a font alias file (font.alias) with a long token, a different vulnerability than CVE-2004-0084 and CVE-2004-0106. | |||||
| CVE-2000-1060 | 1 Xfree86 Project | 1 Xfce | 2025-04-03 | 4.6 MEDIUM | N/A |
| The default configuration of XFCE 3.5.1 bypasses the Xauthority access control mechanism with an "xhost + localhost" command in the xinitrc program, which allows local users to sniff X Windows traffic and gain privileges. | |||||