Total
27 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2002-1472 | 1 Xfree86 Project | 1 X11r6 | 2023-12-10 | 7.2 HIGH | N/A |
Untrusted search path vulnerability in libX11.so in xfree86, when used in setuid or setgid programs, allows local users to gain root privileges via a modified LD_PRELOAD environment variable that points to a malicious module. | |||||
CVE-2003-0063 | 1 Xfree86 Project | 1 X11r6 | 2023-12-10 | 7.5 HIGH | N/A |
The xterm terminal emulator in XFree86 4.2.0 and earlier allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary commands. | |||||
CVE-1999-0433 | 5 Netbsd, Redhat, Slackware and 2 more | 5 Netbsd, Linux, Slackware Linux and 2 more | 2023-12-10 | 4.6 MEDIUM | N/A |
XFree86 startx command is vulnerable to a symlink attack, allowing local users to create files in restricted directories, possibly allowing them to gain privileges or cause a denial of service. | |||||
CVE-2003-0071 | 1 Xfree86 Project | 1 X11r6 | 2023-12-10 | 2.1 LOW | N/A |
The DEC UDK processing feature in the xterm terminal emulator in XFree86 4.2.99.4 and earlier allows attackers to cause a denial of service via a certain character escape sequence that causes the terminal to enter a tight loop. | |||||
CVE-2000-0504 | 3 Gnome, Open Group, Xfree86 Project | 3 Gdm, X, X11r6 | 2023-12-10 | 5.0 MEDIUM | N/A |
libICE in XFree86 allows remote attackers to cause a denial of service by specifying a large value which is not properly checked by the SKIP_STRING macro. | |||||
CVE-2004-0106 | 2 Openbsd, Xfree86 Project | 2 Openbsd, X11r6 | 2023-12-10 | 7.2 HIGH | N/A |
Multiple unknown vulnerabilities in XFree86 4.1.0 to 4.3.0, related to improper handling of font files, a different set of vulnerabilities than CVE-2004-0083 and CVE-2004-0084. | |||||
CVE-1999-0241 | 3 Sgi, Sun, Xfree86 Project | 4 Irix, Solaris, Sunos and 1 more | 2023-12-10 | 10.0 HIGH | N/A |
Guessable magic cookies in X Windows allows remote attackers to execute commands, e.g. through xterm. |