VYPR

rpm package

suse/xorg-x11-server&distro=SUSE Linux Enterprise Server for SAP Applications 12

pkg:rpm/suse/xorg-x11-server&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012

Vulnerabilities (5)

  • CVE-2017-10972MedJul 6, 2017
    affected < 7.6_1.15.2-30.22.1fixed 7.6_1.15.2-30.22.1

    Uninitialized data in endianness conversion in the XEvent handling of the X.Org X Server before 2017-06-19 allowed authenticated malicious users to access potentially privileged data from the X server.

  • CVE-2017-10971HigJul 6, 2017
    affected < 7.6_1.15.2-30.22.1fixed 7.6_1.15.2-30.22.1

    In the X.Org X server before 2017-06-19, a user authenticated to an X Session could crash or execute code in the context of the X Server by exploiting a stack overflow in the endianness conversion of X Events.

  • CVE-2015-3418HigDec 13, 2016
    affected < 7.6_1.15.2-28.4fixed 7.6_1.15.2-28.4

    The ProcPutImage function in dix/dispatch.c in X.Org Server (aka xserver and xorg-server) before 1.16.4 allows attackers to cause a denial of service (divide-by-zero and crash) via a zero-height PutImage request.

  • CVE-2015-0255Feb 13, 2015
    affected < 7.6_1.15.2-21.1fixed 7.6_1.15.2-21.1

    X.Org Server (aka xserver and xorg-server) before 1.16.3 and 1.17.x before 1.17.1 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (crash) via a crafted string length value in a XkbSetGeometry request.

  • CVE-2014-8092Dec 10, 2014
    affected < 7.6_1.15.2-28.4fixed 7.6_1.15.2-28.4

    Multiple integer overflows in X.Org X Window System (aka X11 or X) X11R1 and X.Org Server (aka xserver and xorg-server) before 1.16.3 allow remote authenticated users to cause a denial of service (crash) or possibly execute arbitrary code via a crafted request to the (1) ProcPutI