X11r6
by Xorg
CVEs (31)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2004-0094 | 0.00 | — | 0.03 | Mar 15, 2004 | Integer signedness errors in XFree86 4.1.0 allow remote attackers to cause a denial of service and possibly execute arbitrary code when using the GLX extension and Direct Rendering Infrastructure (DRI). | |||
| CVE-2004-0106 | 0.00 | — | 0.00 | Mar 3, 2004 | Multiple unknown vulnerabilities in XFree86 4.1.0 to 4.3.0, related to improper handling of font files, a different set of vulnerabilities than CVE-2004-0083 and CVE-2004-0084. | |||
| CVE-2003-0730 | 0.00 | — | 0.05 | Oct 20, 2003 | Multiple integer overflows in the font libraries for XFree86 4.3.0 allow local or remote attackers to cause a denial of service or execute arbitrary code via heap-based and stack-based buffer overflow attacks. | |||
| CVE-2002-1472 | 0.00 | — | 0.00 | Mar 3, 2003 | Untrusted search path vulnerability in libX11.so in xfree86, when used in setuid or setgid programs, allows local users to gain root privileges via a modified LD_PRELOAD environment variable that points to a malicious module. | |||
| CVE-2002-1510 | 0.00 | — | 0.02 | Mar 3, 2003 | xdm, with the authComplain variable set to false, allows arbitrary attackers to connect to the X server if the xdm auth directory does not exist. | |||
| CVE-2003-0071 | 0.00 | — | 0.00 | Mar 3, 2003 | The DEC UDK processing feature in the xterm terminal emulator in XFree86 4.2.99.4 and earlier allows attackers to cause a denial of service via a certain character escape sequence that causes the terminal to enter a tight loop. | |||
| CVE-2001-0955 | 0.00 | — | 0.00 | Sep 22, 2001 | Buffer overflow in fbglyph.c in XFree86 before 4.2.0, related to glyph clipping for large origins, allows attackers to cause a denial of service and possibly gain privileges via a large number of characters, possibly through the web page search form of KDE Konqueror or from an… | |||
| CVE-2001-1179 | 0.00 | — | 0.00 | Jul 17, 2001 | xman allows local users to gain privileges by modifying the MANPATH to point to a man page whose filename contains shell metacharacters. | |||
| CVE-2000-0620 | 0.00 | — | 0.02 | Jun 19, 2000 | libX11 X library allows remote attackers to cause a denial of service via a resource mask of 0, which causes libX11 to go into an infinite loop. | |||
| CVE-2000-0285 | 0.00 | — | 0.01 | Apr 16, 2000 | Buffer overflow in XFree86 3.3.x allows local users to execute arbitrary commands via a long -xkbmap parameter. | |||
| CVE-1999-0241 | 0.00 | — | 0.04 | Nov 1, 1995 | Guessable magic cookies in X Windows allows remote attackers to execute commands, e.g. through xterm. |
- CVE-2004-0094Mar 15, 2004risk 0.00cvss —epss 0.03
Integer signedness errors in XFree86 4.1.0 allow remote attackers to cause a denial of service and possibly execute arbitrary code when using the GLX extension and Direct Rendering Infrastructure (DRI).
- CVE-2004-0106Mar 3, 2004risk 0.00cvss —epss 0.00
Multiple unknown vulnerabilities in XFree86 4.1.0 to 4.3.0, related to improper handling of font files, a different set of vulnerabilities than CVE-2004-0083 and CVE-2004-0084.
- CVE-2003-0730Oct 20, 2003risk 0.00cvss —epss 0.05
Multiple integer overflows in the font libraries for XFree86 4.3.0 allow local or remote attackers to cause a denial of service or execute arbitrary code via heap-based and stack-based buffer overflow attacks.
- CVE-2002-1472Mar 3, 2003risk 0.00cvss —epss 0.00
Untrusted search path vulnerability in libX11.so in xfree86, when used in setuid or setgid programs, allows local users to gain root privileges via a modified LD_PRELOAD environment variable that points to a malicious module.
- CVE-2002-1510Mar 3, 2003risk 0.00cvss —epss 0.02
xdm, with the authComplain variable set to false, allows arbitrary attackers to connect to the X server if the xdm auth directory does not exist.
- CVE-2003-0071Mar 3, 2003risk 0.00cvss —epss 0.00
The DEC UDK processing feature in the xterm terminal emulator in XFree86 4.2.99.4 and earlier allows attackers to cause a denial of service via a certain character escape sequence that causes the terminal to enter a tight loop.
- CVE-2001-0955Sep 22, 2001risk 0.00cvss —epss 0.00
Buffer overflow in fbglyph.c in XFree86 before 4.2.0, related to glyph clipping for large origins, allows attackers to cause a denial of service and possibly gain privileges via a large number of characters, possibly through the web page search form of KDE Konqueror or from an…
- CVE-2001-1179Jul 17, 2001risk 0.00cvss —epss 0.00
xman allows local users to gain privileges by modifying the MANPATH to point to a man page whose filename contains shell metacharacters.
- CVE-2000-0620Jun 19, 2000risk 0.00cvss —epss 0.02
libX11 X library allows remote attackers to cause a denial of service via a resource mask of 0, which causes libX11 to go into an infinite loop.
- CVE-2000-0285Apr 16, 2000risk 0.00cvss —epss 0.01
Buffer overflow in XFree86 3.3.x allows local users to execute arbitrary commands via a long -xkbmap parameter.
- CVE-1999-0241Nov 1, 1995risk 0.00cvss —epss 0.04
Guessable magic cookies in X Windows allows remote attackers to execute commands, e.g. through xterm.
Page 2 of 2