Filtered by vendor X
Subscribe
Total
52 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2013-2000 | 1 X | 1 Libxxf86dga | 2023-12-10 | 6.8 MEDIUM | N/A |
Multiple buffer overflows in X.org libXxf86dga 1.1.3 and earlier allow X servers to cause a denial of service (crash) and possibly execute arbitrary code via crafted length or index values to the (1) XDGAQueryModes and (2) XDGASetMode functions. | |||||
CVE-2010-4819 | 1 X | 1 X.org-xserver | 2023-12-10 | 3.6 LOW | N/A |
The ProcRenderAddGlyphs function in the Render extension (render/render.c) in X.Org xserver 1.7.7 and earlier allows local users to read arbitrary memory and possibly cause a denial of service (server crash) via unspecified vectors related to an "input sanitization flaw." | |||||
CVE-2013-2066 | 2 X, X.org | 2 Libxv, Libxv | 2023-12-10 | 6.8 MEDIUM | N/A |
Buffer overflow in X.org libXv 1.0.7 and earlier allows X servers to cause a denial of service (crash) and possibly execute arbitrary code via crafted length or index values to the XvQueryPortAttributes function. | |||||
CVE-2013-2062 | 1 X | 1 Libxp | 2023-12-10 | 6.8 MEDIUM | N/A |
Multiple integer overflows in X.org libXp 1.0.1 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XpGetAttributes, (2) XpGetOneAttribute, (3) XpGetPrinterList, and (4) XpQueryScreens functions. | |||||
CVE-2013-6462 | 1 X | 1 Libxfont | 2023-12-10 | 9.3 HIGH | N/A |
Stack-based buffer overflow in the bdfReadCharacters function in bitmap/bdfread.c in X.Org libXfont 1.1 through 1.4.6 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long string in a character name in a BDF font file. | |||||
CVE-2011-0465 | 2 Matthias Hopf, X | 2 Xrdb, X11 | 2023-12-10 | 9.3 HIGH | N/A |
xrdb.c in xrdb before 1.0.9 in X.Org X11R7.6 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in a hostname obtained from a (1) DHCP or (2) XDMCP message. | |||||
CVE-2010-1166 | 1 X | 1 X.org | 2023-12-10 | 7.1 HIGH | N/A |
The fbComposite function in fbpict.c in the Render extension in the X server in X.Org X11R7.1 allows remote authenticated users to cause a denial of service (memory corruption and daemon crash) or possibly execute arbitrary code via a crafted request, related to an incorrect macro definition. | |||||
CVE-2011-2895 | 5 Freebsd, Freetype, Netbsd and 2 more | 5 Freebsd, Freetype, Netbsd and 2 more | 2023-12-10 | 9.3 HIGH | N/A |
The LZW decompressor in (1) the BufCompressedFill function in fontfile/decompress.c in X.Org libXfont before 1.4.4 and (2) compress/compress.c in 4.3BSD, as used in zopen.c in OpenBSD before 3.8, FreeBSD, NetBSD 4.0.x and 5.0.x before 5.0.3 and 5.1.x before 5.1.1, FreeType 2.1.9, and other products, does not properly handle code words that are absent from the decompression table when encountered, which allows context-dependent attackers to trigger an infinite loop or a heap-based buffer overflow, and possibly execute arbitrary code, via a crafted compressed stream, a related issue to CVE-2006-1168 and CVE-2011-2896. | |||||
CVE-2008-2362 | 1 X | 1 X11 | 2023-12-10 | 10.0 HIGH | N/A |
Multiple integer overflows in the Render extension in the X server 1.4 in X.Org X11R7.3 allow context-dependent attackers to execute arbitrary code via a (1) SProcRenderCreateLinearGradient, (2) SProcRenderCreateRadialGradient, or (3) SProcRenderCreateConicalGradient request with an invalid field specifying the number of bytes to swap in the request data, which triggers heap memory corruption. | |||||
CVE-2008-1379 | 1 X | 1 X11 | 2023-12-10 | 6.8 MEDIUM | N/A |
Integer overflow in the fbShmPutImage function in the MIT-SHM extension in the X server 1.4 in X.Org X11R7.3 allows context-dependent attackers to read arbitrary process memory via crafted values for a Pixmap width and height. | |||||
CVE-2008-2360 | 1 X | 1 X11 | 2023-12-10 | 9.0 HIGH | N/A |
Integer overflow in the AllocateGlyph function in the Render extension in the X server 1.4 in X.Org X11R7.3 allows context-dependent attackers to execute arbitrary code via unspecified request fields that are used to calculate a heap buffer size, which triggers a heap-based buffer overflow. | |||||
CVE-2008-1377 | 1 X | 1 X11 | 2023-12-10 | 9.0 HIGH | N/A |
The (1) SProcRecordCreateContext and (2) SProcRecordRegisterClients functions in the Record extension and the (3) SProcSecurityGenerateAuthorization function in the Security extension in the X server 1.4 in X.Org X11R7.3 allow context-dependent attackers to execute arbitrary code via requests with crafted length values that specify an arbitrary number of bytes to be swapped on the heap, which triggers heap corruption. |