Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
xfree86 project xfree86 x server vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2001-1409
dexconf in XFree86 Xserver 4.1.0-2 creates the /dev/dri directory with insecure permissions (666), which allows local users to replace or create files in the root file system.
Xfree86 Project Xfree86 X Server 4.1.0.2
NA
CVE-2005-2495
Multiple integer overflows in XFree86 prior to 4.3.0 allow user-assisted malicious users to execute arbitrary code via a crafted pixmap image.
Xfree86 Project Xfree86 3.3.6
Xfree86 Project Xfree86 4.0.0
Xfree86 Project Xfree86 4.0.1
Xfree86 Project Xfree86 4.0.2
Xfree86 Project Xfree86 4.2.0
Xfree86 Project Xfree86 4.2.1
Xfree86 Project Xfree86 4.0.3
Xfree86 Project Xfree86 4.1.0
NA
CVE-2006-3739
Integer overflow in the CIDAFM function in X.Org 6.8.2 and XFree86 X server allows local users to execute arbitrary code via crafted Adobe Font Metrics (AFM) files with a modified number of character metrics (StartCharMetrics), which leads to a heap-based buffer overflow.
X.org X.org 6.8.2
Xfree86 Project Xfree86 X
NA
CVE-2006-3740
Integer overflow in the scan_cidfont function in X.Org 6.8.2 and XFree86 X server allows local users to execute arbitrary code via crafted (1) CMap and (2) CIDFont font data with modified item counts in the (a) begincodespacerange, (b) cidrange, and (c) notdefrange sections.
X.org X.org 6.8.2
Xfree86 Project Xfree86 X
NA
CVE-2004-0094
Integer signedness errors in XFree86 4.1.0 allow remote malicious users to cause a denial of service and possibly execute arbitrary code when using the GLX extension and Direct Rendering Infrastructure (DRI).
Xfree86 Project X11r6 4.1.0
Xfree86 Project X11r6 4.1.11
Xfree86 Project X11r6 4.2.1
Xfree86 Project X11r6 4.3.0
Xfree86 Project X11r6 4.1.12
Xfree86 Project X11r6 4.2.0
NA
CVE-2004-0084
Buffer overflow in the ReadFontAlias function in XFree86 4.1.0 to 4.3.0, when using the CopyISOLatin1Lowered function, allows local or remote authenticated users to execute arbitrary code via a malformed entry in the font alias (font.alias) file, a different vulnerability than CV...
Xfree86 Project X11r6 4.2.0
Xfree86 Project X11r6 4.2.1
Xfree86 Project X11r6 4.3.0
Xfree86 Project X11r6 4.1.11
Xfree86 Project X11r6 4.1.12
Xfree86 Project X11r6 4.1.0
Openbsd Openbsd 3.3
Openbsd Openbsd 3.4
1 EDB exploit
NA
CVE-2004-0093
XFree86 4.1.0 allows remote malicious users to cause a denial of service and possibly execute arbitrary code via an out-of-bounds array index when using the GLX extension and Direct Rendering Infrastructure (DRI).
Xfree86 Project X11r6 4.1.0
Xfree86 Project X11r6 4.1.11
Xfree86 Project X11r6 4.3.0
Xfree86 Project X11r6 4.2.1
Xfree86 Project X11r6 4.1.12
Xfree86 Project X11r6 4.2.0
NA
CVE-2006-6102
Integer overflow in the ProcDbeGetVisualInfo function in the DBE extension for X.Org 6.8.2, 6.9.0, 7.0, and 7.1, and XFree86 X server, allows local users to execute arbitrary code via a crafted X protocol request that triggers memory corruption during processing of unspecified da...
X.org X.org 6.9.0
X.org X.org 7.0
X.org X.org 6.8.2
X.org X.org 7.1
Xfree86 Project Xfree86 X Server
NA
CVE-2007-5760
Array index error in the XFree86-Misc extension in X.Org Xserver prior to 1.4.1 allows context-dependent malicious users to execute arbitrary code via a PassMessage request containing a large array index.
Xfree86 Project Xfree86-misc
X.org Xserver
NA
CVE-2004-0106
Multiple unknown vulnerabilities in XFree86 4.1.0 to 4.3.0, related to improper handling of font files, a different set of vulnerabilities than CVE-2004-0083 and CVE-2004-0084.
Xfree86 Project X11r6 4.3.0
Xfree86 Project X11r6 4.2.1
Xfree86 Project X11r6 4.1.12
Xfree86 Project X11r6 4.2.0
Xfree86 Project X11r6 4.1.0
Xfree86 Project X11r6 4.1.11
Openbsd Openbsd 3.3
Openbsd Openbsd 3.4
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48654
CVE-2024-2757
authentication bypass
CVE-2024-3194
CVE-2024-33640
CVE-2024-21111
dos
insecure direct object reference
CVE-2024-21345
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »