Vulnerabilities (CVE)

Filtered by vendor X.org Subscribe
Total 145 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2013-7439 3 Canonical, Debian, X.org 4 Ubuntu Linux, Debian Linux, Libx11 and 1 more 2024-11-21 7.5 HIGH N/A
Multiple off-by-one errors in the (1) MakeBigReq and (2) SetReqLen macros in include/X11/Xlibint.h in X11R6.x and libX11 before 1.6.0 allow remote attackers to have unspecified impact via a crafted request, which triggers a buffer overflow.
CVE-2013-2066 2 X, X.org 2 Libxv, Libxv 2024-11-21 6.8 MEDIUM N/A
Buffer overflow in X.org libXv 1.0.7 and earlier allows X servers to cause a denial of service (crash) and possibly execute arbitrary code via crafted length or index values to the XvQueryPortAttributes function.
CVE-2013-1998 1 X.org 1 Libxi 2024-11-21 6.8 MEDIUM N/A
Multiple buffer overflows in X.org libXi 1.7.1 and earlier allow X servers to cause a denial of service (crash) and possibly execute arbitrary code via crafted length or index values to the (1) XGetDeviceButtonMapping, (2) XIPassiveGrabDevice, and (3) XQueryDeviceState functions.
CVE-2013-1995 1 X.org 1 Libxi 2024-11-21 6.8 MEDIUM N/A
X.org libXi 1.7.1 and earlier allows X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to an unexpected sign extension in the XListInputDevices function.
CVE-2013-1984 1 X.org 1 Libxi 2024-11-21 6.8 MEDIUM N/A
Multiple integer overflows in X.org libXi 1.7.1 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XGetDeviceControl, (2) XGetFeedbackControl, (3) XGetDeviceDontPropagateList, (4) XGetDeviceMotionEvents, (5) XIGetProperty, (6) XIGetSelectedEvents, (7) XGetDeviceProperties, and (8) XListInputDevices functions.
CVE-2012-2118 1 X.org 1 X11 2024-11-21 10.0 HIGH N/A
Format string vulnerability in the LogVHdrMessageVerb function in os/log.c in X.Org X11 1.11 allows attackers to cause a denial of service or possibly execute arbitrary code via format string specifiers in an input device name.
CVE-2011-4613 4 Canonical, Debian, Ubuntu and 1 more 4 Ubuntu Linux, Debian Linux, Linux and 1 more 2024-11-21 4.6 MEDIUM N/A
The X.Org X wrapper (xserver-wrapper.c) in Debian GNU/Linux and Ubuntu Linux does not properly verify the TTY of a user who is starting X, which allows local users to bypass intended access restrictions by associating stdin with a file that is misinterpreted as the console TTY.
CVE-2011-4029 1 X.org 1 X Server 2024-11-21 1.9 LOW N/A
The LockServer function in os/utils.c in X.Org xserver before 1.11.2 allows local users to change the permissions of arbitrary files to 444, read those files, and possibly cause a denial of service (removed execution permission) via a symlink attack on a temporary lock file.
CVE-2011-4028 1 X.org 1 X Server 2024-11-21 1.2 LOW N/A
The LockServer function in os/utils.c in X.Org xserver before 1.11.2 allows local users to determine the existence of arbitrary files via a symlink attack on a temporary lock file, which is handled differently if the file exists.
CVE-2010-4818 1 X.org 1 X.org 2024-11-21 8.5 HIGH N/A
The GLX extension in X.Org xserver 1.7.7 allows remote authenticated users to cause a denial of service (server crash) and possibly execute arbitrary code via (1) a crafted request that triggers a client swap in glx/glxcmdsswap.c; or (2) a crafted length or (3) a negative value in the screen field in a request to glx/glxcmds.c.
CVE-2009-3100 2 Sun, X.org 3 Opensolaris, Solaris, X11 2024-11-21 4.0 MEDIUM N/A
xscreensaver (aka Gnome-XScreenSaver) in Sun Solaris 9 and 10, OpenSolaris snv_109 through snv_122, and X11 6.4.1 on Solaris 8 does not properly handle Accessibility support, which allows local users to cause a denial of service (system hang) by locking the screen and then attempting to launch an Accessibility pop-up window, related to a regression in certain Solaris and OpenSolaris patches.
CVE-2009-2718 2 Sun, X.org 2 Java Se, X11 2024-11-21 6.8 MEDIUM N/A
The Abstract Window Toolkit (AWT) implementation in Sun Java SE 6 before Update 15 on X11 does not impose the intended constraint on distance from the window border to the Security Warning Icon, which makes it easier for context-dependent attackers to trick a user into interacting unsafely with an untrusted applet.
CVE-2009-2711 2 Sun, X.org 3 Opensolaris, Solaris, X11 2024-11-21 4.9 MEDIUM N/A
XScreenSaver in Sun Solaris 9 and 10, OpenSolaris before snv_120, and X11 6.4.1 for Solaris 8, when the Xorg or Xnewt server is used, allows physically proximate attackers to obtain sensitive information by reading popup windows, which are displayed even when the screen is locked, a different vulnerability than CVE-2009-1276.
CVE-2008-0006 2 Sun, X.org 3 Solaris Libfont, Solaris Libxfont, Xserver 2024-11-21 7.5 HIGH N/A
Buffer overflow in (1) X.Org Xserver before 1.4.1, and (2) the libfont and libXfont libraries on some platforms including Sun Solaris, allows context-dependent attackers to execute arbitrary code via a PCF font with a large difference between the last col and first col values in the PCF_BDF_ENCODINGS table.
CVE-2007-6429 1 X.org 3 Evi, Mit-shm, Xserver 2024-11-21 9.3 HIGH N/A
Multiple integer overflows in X.Org Xserver before 1.4.1 allow context-dependent attackers to execute arbitrary code via (1) a GetVisualInfo request containing a 32-bit value that is improperly used to calculate an amount of memory for allocation by the EVI extension, or (2) a request containing values related to pixmap size that are improperly used in management of shared memory by the MIT-SHM extension.
CVE-2007-6428 1 X.org 2 Tog-cup, Xserver 2024-11-21 5.0 MEDIUM N/A
The ProcGetReservedColormapEntries function in the TOG-CUP extension in X.Org Xserver before 1.4.1 allows context-dependent attackers to read the contents of arbitrary memory locations via a request containing a 32-bit value that is improperly used as an array index.
CVE-2007-6427 7 Apple, Canonical, Debian and 4 more 11 Mac Os X, Ubuntu Linux, Debian Linux and 8 more 2024-11-21 9.3 HIGH N/A
The XInput extension in X.Org Xserver before 1.4.1 allows context-dependent attackers to execute arbitrary code via requests related to byte swapping and heap corruption within multiple functions, a different vulnerability than CVE-2007-4990.
CVE-2007-5958 1 X.org 1 Xserver 2024-11-21 5.0 MEDIUM N/A
X.Org Xserver before 1.4.1 allows local users to determine the existence of arbitrary files via a filename argument in the -sp option to the X program, which produces different error messages depending on whether the filename exists.
CVE-2007-5760 2 X.org, Xfree86 Project 2 Xserver, Xfree86-misc 2024-11-21 9.3 HIGH N/A
Array index error in the XFree86-Misc extension in X.Org Xserver before 1.4.1 allows context-dependent attackers to execute arbitrary code via a PassMessage request containing a large array index.
CVE-2007-4990 1 X.org 1 X Font Server 2024-11-21 7.5 HIGH N/A
The swap_char2b function in X.Org X Font Server (xfs) before 1.0.5 allows context-dependent attackers to execute arbitrary code via (1) QueryXBitmaps and (2) QueryXExtents protocol requests with crafted size values that specify an arbitrary number of bytes to be swapped on the heap, which triggers heap corruption.