rpm package
suse/xorg-x11-server&distro=SUSE Linux Enterprise Desktop 12
pkg:rpm/suse/xorg-x11-server&distro=SUSE%20Linux%20Enterprise%20Desktop%2012
Vulnerabilities (3)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2015-3418 | Hig | 7.5 | < 7.6_1.15.2-28.4 | 7.6_1.15.2-28.4 | Dec 13, 2016 | The ProcPutImage function in dix/dispatch.c in X.Org Server (aka xserver and xorg-server) before 1.16.4 allows attackers to cause a denial of service (divide-by-zero and crash) via a zero-height PutImage request. | |
| CVE-2015-0255 | — | < 7.6_1.15.2-21.1 | 7.6_1.15.2-21.1 | Feb 13, 2015 | X.Org Server (aka xserver and xorg-server) before 1.16.3 and 1.17.x before 1.17.1 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (crash) via a crafted string length value in a XkbSetGeometry request. | ||
| CVE-2014-8092 | — | < 7.6_1.15.2-28.4 | 7.6_1.15.2-28.4 | Dec 10, 2014 | Multiple integer overflows in X.Org X Window System (aka X11 or X) X11R1 and X.Org Server (aka xserver and xorg-server) before 1.16.3 allow remote authenticated users to cause a denial of service (crash) or possibly execute arbitrary code via a crafted request to the (1) ProcPutI |
- affected < 7.6_1.15.2-28.4fixed 7.6_1.15.2-28.4
The ProcPutImage function in dix/dispatch.c in X.Org Server (aka xserver and xorg-server) before 1.16.4 allows attackers to cause a denial of service (divide-by-zero and crash) via a zero-height PutImage request.
- CVE-2015-0255Feb 13, 2015affected < 7.6_1.15.2-21.1fixed 7.6_1.15.2-21.1
X.Org Server (aka xserver and xorg-server) before 1.16.3 and 1.17.x before 1.17.1 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (crash) via a crafted string length value in a XkbSetGeometry request.
- CVE-2014-8092Dec 10, 2014affected < 7.6_1.15.2-28.4fixed 7.6_1.15.2-28.4
Multiple integer overflows in X.Org X Window System (aka X11 or X) X11R1 and X.Org Server (aka xserver and xorg-server) before 1.16.3 allow remote authenticated users to cause a denial of service (crash) or possibly execute arbitrary code via a crafted request to the (1) ProcPutI