rpm package

suse/xorg-x11-server&distro=SUSE Linux Enterprise Server 12 SP3

pkg:rpm/suse/xorg-x11-server&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3

Vulnerabilities (14)

CVE	Sev	CVSS	Affected versions	Fixed in	Published	Description
CVE-2017-12187		—	< 7.6_1.18.3-76.15.2	7.6_1.18.3-76.15.2	Jan 24, 2018	xorg-x11-server before 1.19.5 was missing length validation in RENDER extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.
CVE-2017-12186		—	< 7.6_1.18.3-76.15.2	7.6_1.18.3-76.15.2	Jan 24, 2018	xorg-x11-server before 1.19.5 was missing length validation in X-Resource extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.
CVE-2017-12185		—	< 7.6_1.18.3-76.15.2	7.6_1.18.3-76.15.2	Jan 24, 2018	xorg-x11-server before 1.19.5 was missing length validation in MIT-SCREEN-SAVER extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.
CVE-2017-12184		—	< 7.6_1.18.3-76.15.2	7.6_1.18.3-76.15.2	Jan 24, 2018	xorg-x11-server before 1.19.5 was missing length validation in XINERAMA extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.
CVE-2017-12183		—	< 7.6_1.18.3-76.15.2	7.6_1.18.3-76.15.2	Jan 24, 2018	xorg-x11-server before 1.19.5 was missing length validation in XFIXES extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.
CVE-2017-12182		—	< 7.6_1.18.3-76.15.2	7.6_1.18.3-76.15.2	Jan 24, 2018	xorg-x11-server before 1.19.5 was missing length validation in XFree86 DRI extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.
CVE-2017-12181		—	< 7.6_1.18.3-76.15.2	7.6_1.18.3-76.15.2	Jan 24, 2018	xorg-x11-server before 1.19.5 was missing length validation in XFree86 DGA extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.
CVE-2017-12180		—	< 7.6_1.18.3-76.15.2	7.6_1.18.3-76.15.2	Jan 24, 2018	xorg-x11-server before 1.19.5 was missing length validation in XFree86 VidModeExtension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.
CVE-2017-12179		—	< 7.6_1.18.3-76.15.2	7.6_1.18.3-76.15.2	Jan 24, 2018	xorg-x11-server before 1.19.5 was vulnerable to integer overflow in (S)ProcXIBarrierReleasePointer functions allowing malicious X client to cause X server to crash or possibly execute arbitrary code.
CVE-2017-12178		—	< 7.6_1.18.3-76.15.2	7.6_1.18.3-76.15.2	Jan 24, 2018	xorg-x11-server before 1.19.5 had wrong extra length check in ProcXIChangeHierarchy function allowing malicious X client to cause X server to crash or possibly execute arbitrary code.
CVE-2017-12177		—	< 7.6_1.18.3-76.15.2	7.6_1.18.3-76.15.2	Jan 24, 2018	xorg-x11-server before 1.19.5 was vulnerable to integer overflow in ProcDbeGetVisualInfo function allowing malicious X client to cause X server to crash or possibly execute arbitrary code.
CVE-2017-12176		—	< 7.6_1.18.3-76.15.2	7.6_1.18.3-76.15.2	Jan 24, 2018	xorg-x11-server before 1.19.5 was missing extra length validation in ProcEstablishConnection function allowing malicious X client to cause X server to crash or possibly execute arbitrary code.
CVE-2017-13723	Hig	7.8	< 7.6_1.18.3-76.15.2	7.6_1.18.3-76.15.2	Oct 10, 2017	In X.Org Server (aka xserver and xorg-server) before 1.19.4, a local attacker authenticated to the X server could overflow a global buffer, causing crashes of the X server or potentially other problems by injecting large or malformed XKB related atoms and accessing them via xkbco
CVE-2017-13721	Med	4.7	< 7.6_1.18.3-76.15.2	7.6_1.18.3-76.15.2	Oct 10, 2017	In X.Org Server (aka xserver and xorg-server) before 1.19.4, an attacker authenticated to an X server with the X shared memory extension enabled can cause aborts of the X server or replace shared memory segments of other X clients in the same session.

CVE-2017-12187Jan 24, 2018
affected < 7.6_1.18.3-76.15.2fixed 7.6_1.18.3-76.15.2
xorg-x11-server before 1.19.5 was missing length validation in RENDER extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.
CVE-2017-12186Jan 24, 2018
affected < 7.6_1.18.3-76.15.2fixed 7.6_1.18.3-76.15.2
xorg-x11-server before 1.19.5 was missing length validation in X-Resource extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.
CVE-2017-12185Jan 24, 2018
affected < 7.6_1.18.3-76.15.2fixed 7.6_1.18.3-76.15.2
xorg-x11-server before 1.19.5 was missing length validation in MIT-SCREEN-SAVER extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.
CVE-2017-12184Jan 24, 2018
affected < 7.6_1.18.3-76.15.2fixed 7.6_1.18.3-76.15.2
xorg-x11-server before 1.19.5 was missing length validation in XINERAMA extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.
CVE-2017-12183Jan 24, 2018
affected < 7.6_1.18.3-76.15.2fixed 7.6_1.18.3-76.15.2
xorg-x11-server before 1.19.5 was missing length validation in XFIXES extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.
CVE-2017-12182Jan 24, 2018
affected < 7.6_1.18.3-76.15.2fixed 7.6_1.18.3-76.15.2
xorg-x11-server before 1.19.5 was missing length validation in XFree86 DRI extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.
CVE-2017-12181Jan 24, 2018
affected < 7.6_1.18.3-76.15.2fixed 7.6_1.18.3-76.15.2
xorg-x11-server before 1.19.5 was missing length validation in XFree86 DGA extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.
CVE-2017-12180Jan 24, 2018
affected < 7.6_1.18.3-76.15.2fixed 7.6_1.18.3-76.15.2
xorg-x11-server before 1.19.5 was missing length validation in XFree86 VidModeExtension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.
CVE-2017-12179Jan 24, 2018
affected < 7.6_1.18.3-76.15.2fixed 7.6_1.18.3-76.15.2
xorg-x11-server before 1.19.5 was vulnerable to integer overflow in (S)ProcXIBarrierReleasePointer functions allowing malicious X client to cause X server to crash or possibly execute arbitrary code.
CVE-2017-12178Jan 24, 2018
affected < 7.6_1.18.3-76.15.2fixed 7.6_1.18.3-76.15.2
xorg-x11-server before 1.19.5 had wrong extra length check in ProcXIChangeHierarchy function allowing malicious X client to cause X server to crash or possibly execute arbitrary code.
CVE-2017-12177Jan 24, 2018
affected < 7.6_1.18.3-76.15.2fixed 7.6_1.18.3-76.15.2
xorg-x11-server before 1.19.5 was vulnerable to integer overflow in ProcDbeGetVisualInfo function allowing malicious X client to cause X server to crash or possibly execute arbitrary code.
CVE-2017-12176Jan 24, 2018
affected < 7.6_1.18.3-76.15.2fixed 7.6_1.18.3-76.15.2
xorg-x11-server before 1.19.5 was missing extra length validation in ProcEstablishConnection function allowing malicious X client to cause X server to crash or possibly execute arbitrary code.
CVE-2017-13723HigOct 10, 2017
affected < 7.6_1.18.3-76.15.2fixed 7.6_1.18.3-76.15.2
In X.Org Server (aka xserver and xorg-server) before 1.19.4, a local attacker authenticated to the X server could overflow a global buffer, causing crashes of the X server or potentially other problems by injecting large or malformed XKB related atoms and accessing them via xkbco
CVE-2017-13721MedOct 10, 2017
affected < 7.6_1.18.3-76.15.2fixed 7.6_1.18.3-76.15.2
In X.Org Server (aka xserver and xorg-server) before 1.19.4, an attacker authenticated to an X server with the X shared memory extension enabled can cause aborts of the X server or replace shared memory segments of other X clients in the same session.