rpm package
opensuse/xorg-x11-server&distro=openSUSE Tumbleweed
pkg:rpm/opensuse/xorg-x11-server&distro=openSUSE%20Tumbleweed
Vulnerabilities (82)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2020-14346 | — | < 1.20.13-1.2 | 1.20.13-1.2 | Sep 15, 2020 | A flaw was found in xorg-x11-server before 1.20.9. An integer underflow in the X input extension protocol decoding in the X server may lead to arbitrary access of memory contents. The highest threat from this vulnerability is to data confidentiality and integrity as well as syste | ||
| CVE-2020-14347 | — | < 1.20.13-1.2 | 1.20.13-1.2 | Aug 5, 2020 | A flaw was found in the way xserver memory was not properly initialized. This could leak parts of server memory to the X client. In cases where Xorg server runs with elevated privileges, this could result in possible ASLR bypass. Xorg-server before version 1.20.9 is vulnerable. | ||
| CVE-2018-14665 | — | < 1.20.13-1.2 | 1.20.13-1.2 | Oct 25, 2018 | A flaw was found in xorg-x11-server before 1.20.3. An incorrect permission check for -modulepath and -logfile options when starting Xorg. X server allows unprivileged users with the ability to log in to the system via physical console to escalate their privileges and run arbitrar | ||
| CVE-2017-2624 | — | < 1.20.13-1.2 | 1.20.13-1.2 | Jul 27, 2018 | It was found that xorg-x11-server before 1.19.0 including uses memcmp() to check the received MIT cookie against a series of valid cookies. If the cookie is correct, it is allowed to attach to the Xorg session. Since most memcmp() implementations return after an invalid byte is s | ||
| CVE-2017-12187 | — | < 1.20.13-1.2 | 1.20.13-1.2 | Jan 24, 2018 | xorg-x11-server before 1.19.5 was missing length validation in RENDER extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code. | ||
| CVE-2017-12176 | — | < 1.20.13-1.2 | 1.20.13-1.2 | Jan 24, 2018 | xorg-x11-server before 1.19.5 was missing extra length validation in ProcEstablishConnection function allowing malicious X client to cause X server to crash or possibly execute arbitrary code. | ||
| CVE-2017-13721 | Med | 4.7 | < 1.20.13-1.2 | 1.20.13-1.2 | Oct 10, 2017 | In X.Org Server (aka xserver and xorg-server) before 1.19.4, an attacker authenticated to an X server with the X shared memory extension enabled can cause aborts of the X server or replace shared memory segments of other X clients in the same session. | |
| CVE-2017-10971 | Hig | 8.8 | < 1.20.13-1.2 | 1.20.13-1.2 | Jul 6, 2017 | In the X.Org X server before 2017-06-19, a user authenticated to an X Session could crash or execute code in the context of the X Server by exploiting a stack overflow in the endianness conversion of X Events. | |
| CVE-2008-2362 | — | < 1.20.13-1.2 | 1.20.13-1.2 | Jun 16, 2008 | Multiple integer overflows in the Render extension in the X server 1.4 in X.Org X11R7.3 allow context-dependent attackers to execute arbitrary code via a (1) SProcRenderCreateLinearGradient, (2) SProcRenderCreateRadialGradient, or (3) SProcRenderCreateConicalGradient request with | ||
| CVE-2008-2361 | — | < 1.20.13-1.2 | 1.20.13-1.2 | Jun 16, 2008 | Integer overflow in the ProcRenderCreateCursor function in the Render extension in the X server 1.4 in X.Org X11R7.3 allows context-dependent attackers to cause a denial of service (daemon crash) via unspecified request fields that are used to calculate a glyph buffer size, which | ||
| CVE-2008-2360 | — | < 1.20.13-1.2 | 1.20.13-1.2 | Jun 16, 2008 | Integer overflow in the AllocateGlyph function in the Render extension in the X server 1.4 in X.Org X11R7.3 allows context-dependent attackers to execute arbitrary code via unspecified request fields that are used to calculate a heap buffer size, which triggers a heap-based buffe | ||
| CVE-2008-1379 | — | < 1.20.13-1.2 | 1.20.13-1.2 | Jun 16, 2008 | Integer overflow in the fbShmPutImage function in the MIT-SHM extension in the X server 1.4 in X.Org X11R7.3 allows context-dependent attackers to read arbitrary process memory via crafted values for a Pixmap width and height. | ||
| CVE-2008-1377 | — | < 1.20.13-1.2 | 1.20.13-1.2 | Jun 16, 2008 | The (1) SProcRecordCreateContext and (2) SProcRecordRegisterClients functions in the Record extension and the (3) SProcSecurityGenerateAuthorization function in the Security extension in the X server 1.4 in X.Org X11R7.3 allow context-dependent attackers to execute arbitrary code | ||
| CVE-2008-0006 | — | < 1.20.13-1.2 | 1.20.13-1.2 | Jan 18, 2008 | Buffer overflow in (1) X.Org Xserver before 1.4.1, and (2) the libfont and libXfont libraries on some platforms including Sun Solaris, allows context-dependent attackers to execute arbitrary code via a PCF font with a large difference between the last col and first col values in | ||
| CVE-2007-6429 | — | < 1.20.13-1.2 | 1.20.13-1.2 | Jan 18, 2008 | Multiple integer overflows in X.Org Xserver before 1.4.1 allow context-dependent attackers to execute arbitrary code via (1) a GetVisualInfo request containing a 32-bit value that is improperly used to calculate an amount of memory for allocation by the EVI extension, or (2) a re | ||
| CVE-2007-6428 | — | < 1.20.13-1.2 | 1.20.13-1.2 | Jan 18, 2008 | The ProcGetReservedColormapEntries function in the TOG-CUP extension in X.Org Xserver before 1.4.1 allows context-dependent attackers to read the contents of arbitrary memory locations via a request containing a 32-bit value that is improperly used as an array index. | ||
| CVE-2007-6427 | — | < 1.20.13-1.2 | 1.20.13-1.2 | Jan 18, 2008 | The XInput extension in X.Org Xserver before 1.4.1 allows context-dependent attackers to execute arbitrary code via requests related to byte swapping and heap corruption within multiple functions, a different vulnerability than CVE-2007-4990. | ||
| CVE-2007-5760 | — | < 1.20.13-1.2 | 1.20.13-1.2 | Jan 18, 2008 | Array index error in the XFree86-Misc extension in X.Org Xserver before 1.4.1 allows context-dependent attackers to execute arbitrary code via a PassMessage request containing a large array index. | ||
| CVE-2007-1003 | — | < 1.20.13-1.2 | 1.20.13-1.2 | Apr 6, 2007 | Integer overflow in ALLOCATE_LOCAL in the ProcXCMiscGetXIDList function in the XC-MISC extension in the X.Org X11 server (xserver) 7.1-1.1.0, and other versions before 20070403, allows remote authenticated users to execute arbitrary code via a large expression, which results in m | ||
| CVE-2006-6103 | — | < 1.20.13-1.2 | 1.20.13-1.2 | Dec 31, 2006 | Integer overflow in the ProcDbeSwapBuffers function in the DBE extension for X.Org 6.8.2, 6.9.0, 7.0, and 7.1, and XFree86 X server, allows local users to execute arbitrary code via a crafted X protocol request that triggers memory corruption during processing of unspecified data |
- CVE-2020-14346Sep 15, 2020affected < 1.20.13-1.2fixed 1.20.13-1.2
A flaw was found in xorg-x11-server before 1.20.9. An integer underflow in the X input extension protocol decoding in the X server may lead to arbitrary access of memory contents. The highest threat from this vulnerability is to data confidentiality and integrity as well as syste
- CVE-2020-14347Aug 5, 2020affected < 1.20.13-1.2fixed 1.20.13-1.2
A flaw was found in the way xserver memory was not properly initialized. This could leak parts of server memory to the X client. In cases where Xorg server runs with elevated privileges, this could result in possible ASLR bypass. Xorg-server before version 1.20.9 is vulnerable.
- CVE-2018-14665Oct 25, 2018affected < 1.20.13-1.2fixed 1.20.13-1.2
A flaw was found in xorg-x11-server before 1.20.3. An incorrect permission check for -modulepath and -logfile options when starting Xorg. X server allows unprivileged users with the ability to log in to the system via physical console to escalate their privileges and run arbitrar
- CVE-2017-2624Jul 27, 2018affected < 1.20.13-1.2fixed 1.20.13-1.2
It was found that xorg-x11-server before 1.19.0 including uses memcmp() to check the received MIT cookie against a series of valid cookies. If the cookie is correct, it is allowed to attach to the Xorg session. Since most memcmp() implementations return after an invalid byte is s
- CVE-2017-12187Jan 24, 2018affected < 1.20.13-1.2fixed 1.20.13-1.2
xorg-x11-server before 1.19.5 was missing length validation in RENDER extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.
- CVE-2017-12176Jan 24, 2018affected < 1.20.13-1.2fixed 1.20.13-1.2
xorg-x11-server before 1.19.5 was missing extra length validation in ProcEstablishConnection function allowing malicious X client to cause X server to crash or possibly execute arbitrary code.
- affected < 1.20.13-1.2fixed 1.20.13-1.2
In X.Org Server (aka xserver and xorg-server) before 1.19.4, an attacker authenticated to an X server with the X shared memory extension enabled can cause aborts of the X server or replace shared memory segments of other X clients in the same session.
- affected < 1.20.13-1.2fixed 1.20.13-1.2
In the X.Org X server before 2017-06-19, a user authenticated to an X Session could crash or execute code in the context of the X Server by exploiting a stack overflow in the endianness conversion of X Events.
- CVE-2008-2362Jun 16, 2008affected < 1.20.13-1.2fixed 1.20.13-1.2
Multiple integer overflows in the Render extension in the X server 1.4 in X.Org X11R7.3 allow context-dependent attackers to execute arbitrary code via a (1) SProcRenderCreateLinearGradient, (2) SProcRenderCreateRadialGradient, or (3) SProcRenderCreateConicalGradient request with
- CVE-2008-2361Jun 16, 2008affected < 1.20.13-1.2fixed 1.20.13-1.2
Integer overflow in the ProcRenderCreateCursor function in the Render extension in the X server 1.4 in X.Org X11R7.3 allows context-dependent attackers to cause a denial of service (daemon crash) via unspecified request fields that are used to calculate a glyph buffer size, which
- CVE-2008-2360Jun 16, 2008affected < 1.20.13-1.2fixed 1.20.13-1.2
Integer overflow in the AllocateGlyph function in the Render extension in the X server 1.4 in X.Org X11R7.3 allows context-dependent attackers to execute arbitrary code via unspecified request fields that are used to calculate a heap buffer size, which triggers a heap-based buffe
- CVE-2008-1379Jun 16, 2008affected < 1.20.13-1.2fixed 1.20.13-1.2
Integer overflow in the fbShmPutImage function in the MIT-SHM extension in the X server 1.4 in X.Org X11R7.3 allows context-dependent attackers to read arbitrary process memory via crafted values for a Pixmap width and height.
- CVE-2008-1377Jun 16, 2008affected < 1.20.13-1.2fixed 1.20.13-1.2
The (1) SProcRecordCreateContext and (2) SProcRecordRegisterClients functions in the Record extension and the (3) SProcSecurityGenerateAuthorization function in the Security extension in the X server 1.4 in X.Org X11R7.3 allow context-dependent attackers to execute arbitrary code
- CVE-2008-0006Jan 18, 2008affected < 1.20.13-1.2fixed 1.20.13-1.2
Buffer overflow in (1) X.Org Xserver before 1.4.1, and (2) the libfont and libXfont libraries on some platforms including Sun Solaris, allows context-dependent attackers to execute arbitrary code via a PCF font with a large difference between the last col and first col values in
- CVE-2007-6429Jan 18, 2008affected < 1.20.13-1.2fixed 1.20.13-1.2
Multiple integer overflows in X.Org Xserver before 1.4.1 allow context-dependent attackers to execute arbitrary code via (1) a GetVisualInfo request containing a 32-bit value that is improperly used to calculate an amount of memory for allocation by the EVI extension, or (2) a re
- CVE-2007-6428Jan 18, 2008affected < 1.20.13-1.2fixed 1.20.13-1.2
The ProcGetReservedColormapEntries function in the TOG-CUP extension in X.Org Xserver before 1.4.1 allows context-dependent attackers to read the contents of arbitrary memory locations via a request containing a 32-bit value that is improperly used as an array index.
- CVE-2007-6427Jan 18, 2008affected < 1.20.13-1.2fixed 1.20.13-1.2
The XInput extension in X.Org Xserver before 1.4.1 allows context-dependent attackers to execute arbitrary code via requests related to byte swapping and heap corruption within multiple functions, a different vulnerability than CVE-2007-4990.
- CVE-2007-5760Jan 18, 2008affected < 1.20.13-1.2fixed 1.20.13-1.2
Array index error in the XFree86-Misc extension in X.Org Xserver before 1.4.1 allows context-dependent attackers to execute arbitrary code via a PassMessage request containing a large array index.
- CVE-2007-1003Apr 6, 2007affected < 1.20.13-1.2fixed 1.20.13-1.2
Integer overflow in ALLOCATE_LOCAL in the ProcXCMiscGetXIDList function in the XC-MISC extension in the X.Org X11 server (xserver) 7.1-1.1.0, and other versions before 20070403, allows remote authenticated users to execute arbitrary code via a large expression, which results in m
- CVE-2006-6103Dec 31, 2006affected < 1.20.13-1.2fixed 1.20.13-1.2
Integer overflow in the ProcDbeSwapBuffers function in the DBE extension for X.Org 6.8.2, 6.9.0, 7.0, and 7.1, and XFree86 X server, allows local users to execute arbitrary code via a crafted X protocol request that triggers memory corruption during processing of unspecified data
Page 4 of 5