Filtered by vendor X.org
Subscribe
Total
149 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2011-4029 | 1 X.org | 1 X Server | 2025-04-11 | 1.9 LOW | N/A |
The LockServer function in os/utils.c in X.Org xserver before 1.11.2 allows local users to change the permissions of arbitrary files to 444, read those files, and possibly cause a denial of service (removed execution permission) via a symlink attack on a temporary lock file. | |||||
CVE-2013-2066 | 2 X, X.org | 2 Libxv, Libxv | 2025-04-11 | 6.8 MEDIUM | N/A |
Buffer overflow in X.org libXv 1.0.7 and earlier allows X servers to cause a denial of service (crash) and possibly execute arbitrary code via crafted length or index values to the XvQueryPortAttributes function. | |||||
CVE-2011-4613 | 4 Canonical, Debian, Ubuntu and 1 more | 4 Ubuntu Linux, Debian Linux, Linux and 1 more | 2025-04-11 | 4.6 MEDIUM | N/A |
The X.Org X wrapper (xserver-wrapper.c) in Debian GNU/Linux and Ubuntu Linux does not properly verify the TTY of a user who is starting X, which allows local users to bypass intended access restrictions by associating stdin with a file that is misinterpreted as the console TTY. | |||||
CVE-2013-1984 | 1 X.org | 1 Libxi | 2025-04-11 | 6.8 MEDIUM | N/A |
Multiple integer overflows in X.org libXi 1.7.1 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XGetDeviceControl, (2) XGetFeedbackControl, (3) XGetDeviceDontPropagateList, (4) XGetDeviceMotionEvents, (5) XIGetProperty, (6) XIGetSelectedEvents, (7) XGetDeviceProperties, and (8) XListInputDevices functions. | |||||
CVE-2011-4028 | 1 X.org | 1 X Server | 2025-04-11 | 1.2 LOW | N/A |
The LockServer function in os/utils.c in X.Org xserver before 1.11.2 allows local users to determine the existence of arbitrary files via a symlink attack on a temporary lock file, which is handled differently if the file exists. | |||||
CVE-2007-1351 | 7 Mandrakesoft, Openbsd, Redhat and 4 more | 11 Mandrake Linux, Mandrake Linux Corporate Server, Mandrake Multi Network Firewall and 8 more | 2025-04-09 | 8.5 HIGH | N/A |
Integer overflow in the bdfReadCharacters function in bdfread.c in (1) X.Org libXfont before 20070403 and (2) freetype 2.3.2 and earlier allows remote authenticated users to execute arbitrary code via crafted BDF fonts, which result in a heap overflow. | |||||
CVE-2006-5215 | 3 Netbsd, Sun, X.org | 4 Netbsd, Solaris, Sunos and 1 more | 2025-04-09 | 2.6 LOW | N/A |
The Xsession script, as used by X Display Manager (xdm) in NetBSD before 20060212, X.Org before 20060317, and Solaris 8 through 10 before 20061006, allows local users to overwrite arbitrary files, or read another user's Xsession errors file, via a symlink attack on a /tmp/xses-$USER file. | |||||
CVE-2009-2711 | 2 Sun, X.org | 3 Opensolaris, Solaris, X11 | 2025-04-09 | 4.9 MEDIUM | N/A |
XScreenSaver in Sun Solaris 9 and 10, OpenSolaris before snv_120, and X11 6.4.1 for Solaris 8, when the Xorg or Xnewt server is used, allows physically proximate attackers to obtain sensitive information by reading popup windows, which are displayed even when the screen is locked, a different vulnerability than CVE-2009-1276. | |||||
CVE-2006-6103 | 2 X.org, Xfree86 Project | 2 X.org, Xfree86 | 2025-04-09 | 6.6 MEDIUM | N/A |
Integer overflow in the ProcDbeSwapBuffers function in the DBE extension for X.Org 6.8.2, 6.9.0, 7.0, and 7.1, and XFree86 X server, allows local users to execute arbitrary code via a crafted X protocol request that triggers memory corruption during processing of unspecified data structures. | |||||
CVE-2007-4730 | 1 X.org | 1 Xorg-server | 2025-04-09 | 4.3 MEDIUM | N/A |
Buffer overflow in the compNewPixmap function in compalloc.c in the Composite extension for the X.org X11 server before 1.4 allows local users to execute arbitrary code by copying data from a large pixel depth pixmap into a smaller pixel depth pixmap. | |||||
CVE-2009-2718 | 2 Sun, X.org | 2 Java Se, X11 | 2025-04-09 | 6.8 MEDIUM | N/A |
The Abstract Window Toolkit (AWT) implementation in Sun Java SE 6 before Update 15 on X11 does not impose the intended constraint on distance from the window border to the Security Warning Icon, which makes it easier for context-dependent attackers to trick a user into interacting unsafely with an untrusted applet. | |||||
CVE-2006-6101 | 2 X.org, Xfree86 Project | 2 X.org, Xfree86 | 2025-04-09 | 6.6 MEDIUM | N/A |
Integer overflow in the ProcRenderAddGlyphs function in the Render extension for X.Org 6.8.2, 6.9.0, 7.0, and 7.1, and XFree86 X server, allows local users to execute arbitrary code via a crafted X protocol request that triggers memory corruption during processing of glyph management data structures. | |||||
CVE-2006-6102 | 2 X.org, Xfree86 Project | 2 X.org, Xfree86 X Server | 2025-04-09 | 10.0 HIGH | N/A |
Integer overflow in the ProcDbeGetVisualInfo function in the DBE extension for X.Org 6.8.2, 6.9.0, 7.0, and 7.1, and XFree86 X server, allows local users to execute arbitrary code via a crafted X protocol request that triggers memory corruption during processing of unspecified data structures. | |||||
CVE-2007-6427 | 7 Apple, Canonical, Debian and 4 more | 11 Mac Os X, Ubuntu Linux, Debian Linux and 8 more | 2025-04-09 | 9.3 HIGH | N/A |
The XInput extension in X.Org Xserver before 1.4.1 allows context-dependent attackers to execute arbitrary code via requests related to byte swapping and heap corruption within multiple functions, a different vulnerability than CVE-2007-4990. | |||||
CVE-2007-6428 | 1 X.org | 2 Tog-cup, Xserver | 2025-04-09 | 5.0 MEDIUM | N/A |
The ProcGetReservedColormapEntries function in the TOG-CUP extension in X.Org Xserver before 1.4.1 allows context-dependent attackers to read the contents of arbitrary memory locations via a request containing a 32-bit value that is improperly used as an array index. | |||||
CVE-2007-1352 | 8 Mandrakesoft, Openbsd, Redhat and 5 more | 14 Mandrake Linux, Mandrake Linux Corporate Server, Mandrake Multi Network Firewall and 11 more | 2025-04-09 | 3.8 LOW | N/A |
Integer overflow in the FontFileInitTable function in X.Org libXfont before 20070403 allows remote authenticated users to execute arbitrary code via a long first line in the fonts.dir file, which results in a heap overflow. | |||||
CVE-2007-1667 | 3 Canonical, Debian, X.org | 3 Ubuntu Linux, Debian Linux, Libx11 | 2025-04-09 | 9.3 HIGH | N/A |
Multiple integer overflows in (1) the XGetPixel function in ImUtil.c in X.Org libx11 before 1.0.3, and (2) XInitImage function in xwd.c for ImageMagick, allow user-assisted remote attackers to cause a denial of service (crash) or obtain sensitive information via crafted images with large or negative values that trigger a buffer overflow. | |||||
CVE-2008-0006 | 2 Sun, X.org | 3 Solaris Libfont, Solaris Libxfont, Xserver | 2025-04-09 | 7.5 HIGH | N/A |
Buffer overflow in (1) X.Org Xserver before 1.4.1, and (2) the libfont and libXfont libraries on some platforms including Sun Solaris, allows context-dependent attackers to execute arbitrary code via a PCF font with a large difference between the last col and first col values in the PCF_BDF_ENCODINGS table. | |||||
CVE-2007-6429 | 1 X.org | 3 Evi, Mit-shm, Xserver | 2025-04-09 | 9.3 HIGH | N/A |
Multiple integer overflows in X.Org Xserver before 1.4.1 allow context-dependent attackers to execute arbitrary code via (1) a GetVisualInfo request containing a 32-bit value that is improperly used to calculate an amount of memory for allocation by the EVI extension, or (2) a request containing values related to pixmap size that are improperly used in management of shared memory by the MIT-SHM extension. | |||||
CVE-2007-5958 | 1 X.org | 1 Xserver | 2025-04-09 | 5.0 MEDIUM | N/A |
X.Org Xserver before 1.4.1 allows local users to determine the existence of arbitrary files via a filename argument in the -sp option to the X program, which produces different error messages depending on whether the filename exists. |