VYPR

X.org

by Xorg

CVEs (28)

  • CVE-2006-6102Dec 31, 2006
    risk 0.00cvss epss 0.03

    Integer overflow in the ProcDbeGetVisualInfo function in the DBE extension for X.Org 6.8.2, 6.9.0, 7.0, and 7.1, and XFree86 X server, allows local users to execute arbitrary code via a crafted X protocol request that triggers memory corruption during processing of unspecified…

  • CVE-2006-5215Oct 10, 2006
    risk 0.00cvss epss 0.00

    The Xsession script, as used by X Display Manager (xdm) in NetBSD before 20060212, X.Org before 20060317, and Solaris 8 through 10 before 20061006, allows local users to overwrite arbitrary files, or read another user's Xsession errors file, via a symlink attack on a…

  • CVE-2006-5214Oct 10, 2006
    risk 0.00cvss epss 0.00

    Race condition in the Xsession script, as used by X Display Manager (xdm) in NetBSD before 20060212, X.Org before 20060225, and Solaris 8 through 10 before 20061006, causes a user's Xsession errors file to have weak permissions before a chmod is performed, which allows local…

  • CVE-2006-3740Sep 13, 2006
    risk 0.00cvss epss 0.01

    Integer overflow in the scan_cidfont function in X.Org 6.8.2 and XFree86 X server allows local users to execute arbitrary code via crafted (1) CMap and (2) CIDFont font data with modified item counts in the (a) begincodespacerange, (b) cidrange, and (c) notdefrange sections.

  • CVE-2006-3739Sep 13, 2006
    risk 0.00cvss epss 0.01

    Integer overflow in the CIDAFM function in X.Org 6.8.2 and XFree86 X server allows local users to execute arbitrary code via crafted Adobe Font Metrics (AFM) files with a modified number of character metrics (StartCharMetrics), which leads to a heap-based buffer overflow.

  • CVE-2006-4447Aug 30, 2006
    risk 0.00cvss epss 0.00

    X.Org and XFree86, including libX11, xdm, xf86dga, xinit, xload, xtrans, and xterm, does not check the return values for setuid and seteuid calls when attempting to drop privileges, which might allow local users to gain privileges by causing those calls to fail, such as by…

  • CVE-2006-0197Jan 13, 2006
    risk 0.00cvss epss 0.01

    The XClientMessageEvent struct used in certain components of X.Org 6.8.2 and earlier, possibly including (1) the X server and (2) Xlib, uses a "long" specifier for elements of the l array, which results in inconsistent sizes in the struct on 32-bit versus 64-bit platforms, and…

  • CVE-2005-4691Dec 31, 2005
    risk 0.00cvss epss 0.00

    imake in NetBSD before 2.0.3, NetBSD-current before 12 September 2005, certain versions of X.Org, and certain versions of XFree86 allows local users to overwrite arbitrary files via a symlink attack on the temporary file for the file.0 target, which is used for a pre-formatted…

Page 2 of 2