VYPR

Xlock

by David Bagley

CVEs (6)

  • CVE-2019-19520HigDec 5, 2019
    risk 0.51cvss 7.8epss 0.01

    xlock in OpenBSD 6.6 allows local users to gain the privileges of the auth group by providing a LIBGL_DRIVERS_PATH environment variable, because xenocara/lib/mesa/src/loader/loader.c mishandles dlopen.

  • CVE-2001-0652Oct 30, 2001
    risk 0.03cvss epss 0.01

    Heap overflow in xlock in Solaris 2.6 through 8 allows local users to gain root privileges via a long (1) XFILESEARCHPATH or (2) XUSERFILESEARCHPATH environmental variable.

  • CVE-2000-0763Oct 20, 2000
    risk 0.03cvss epss 0.01

    xlockmore and xlockf do not properly cleanse user-injected format strings, which allows local users to gain root privileges via the -d option.

  • CVE-1999-0306Nov 4, 1997
    risk 0.03cvss epss 0.02

    buffer overflow in HP xlock program.

  • CVE-1999-0030Jul 16, 1997
    risk 0.03cvss epss 0.01

    root privileges via buffer overflow in xlock command on SGI IRIX systems.

  • CVE-2000-0455May 29, 2000
    risk 0.00cvss epss 0.00

    Buffer overflow in xlockmore xlock program version 4.16 and earlier allows local users to read sensitive data from memory via a long -mode option.