Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
xfree86 project xfree86 x server vulnerabilities and exploits
(subscribe to this query)
320
VMScore
CVE-2001-1409
dexconf in XFree86 Xserver 4.1.0-2 creates the /dev/dri directory with insecure permissions (666), which allows local users to replace or create files in the root file system.
Xfree86 Project Xfree86 X Server 4.1.0.2
454
VMScore
CVE-2005-2495
Multiple integer overflows in XFree86 prior to 4.3.0 allow user-assisted malicious users to execute arbitrary code via a crafted pixmap image.
Xfree86 Project Xfree86 3.3.6
Xfree86 Project Xfree86 4.0.0
Xfree86 Project Xfree86 4.0.1
Xfree86 Project Xfree86 4.0.2
Xfree86 Project Xfree86 4.2.0
Xfree86 Project Xfree86 4.2.1
Xfree86 Project Xfree86 4.0.3
Xfree86 Project Xfree86 4.1.0
641
VMScore
CVE-2006-3739
Integer overflow in the CIDAFM function in X.Org 6.8.2 and XFree86 X server allows local users to execute arbitrary code via crafted Adobe Font Metrics (AFM) files with a modified number of character metrics (StartCharMetrics), which leads to a heap-based buffer overflow.
X.org X.org 6.8.2
Xfree86 Project Xfree86 X
641
VMScore
CVE-2006-3740
Integer overflow in the scan_cidfont function in X.Org 6.8.2 and XFree86 X server allows local users to execute arbitrary code via crafted (1) CMap and (2) CIDFont font data with modified item counts in the (a) begincodespacerange, (b) cidrange, and (c) notdefrange sections.
X.org X.org 6.8.2
Xfree86 Project Xfree86 X
668
VMScore
CVE-2004-0094
Integer signedness errors in XFree86 4.1.0 allow remote malicious users to cause a denial of service and possibly execute arbitrary code when using the GLX extension and Direct Rendering Infrastructure (DRI).
Xfree86 Project X11r6 4.1.0
Xfree86 Project X11r6 4.1.11
Xfree86 Project X11r6 4.2.1
Xfree86 Project X11r6 4.3.0
Xfree86 Project X11r6 4.1.12
Xfree86 Project X11r6 4.2.0
1000
VMScore
CVE-2004-0084
Buffer overflow in the ReadFontAlias function in XFree86 4.1.0 to 4.3.0, when using the CopyISOLatin1Lowered function, allows local or remote authenticated users to execute arbitrary code via a malformed entry in the font alias (font.alias) file, a different vulnerability than CV...
Xfree86 Project X11r6 4.2.0
Xfree86 Project X11r6 4.2.1
Xfree86 Project X11r6 4.3.0
Xfree86 Project X11r6 4.1.11
Xfree86 Project X11r6 4.1.12
Xfree86 Project X11r6 4.1.0
Openbsd Openbsd 3.3
Openbsd Openbsd 3.4
1 EDB exploit
668
VMScore
CVE-2004-0093
XFree86 4.1.0 allows remote malicious users to cause a denial of service and possibly execute arbitrary code via an out-of-bounds array index when using the GLX extension and Direct Rendering Infrastructure (DRI).
Xfree86 Project X11r6 4.1.0
Xfree86 Project X11r6 4.1.11
Xfree86 Project X11r6 4.3.0
Xfree86 Project X11r6 4.2.1
Xfree86 Project X11r6 4.1.12
Xfree86 Project X11r6 4.2.0
890
VMScore
CVE-2006-6102
Integer overflow in the ProcDbeGetVisualInfo function in the DBE extension for X.Org 6.8.2, 6.9.0, 7.0, and 7.1, and XFree86 X server, allows local users to execute arbitrary code via a crafted X protocol request that triggers memory corruption during processing of unspecified da...
X.org X.org 6.9.0
X.org X.org 7.0
X.org X.org 6.8.2
X.org X.org 7.1
Xfree86 Project Xfree86 X Server
828
VMScore
CVE-2007-5760
Array index error in the XFree86-Misc extension in X.Org Xserver prior to 1.4.1 allows context-dependent malicious users to execute arbitrary code via a PassMessage request containing a large array index.
Xfree86 Project Xfree86-misc
X.org Xserver
641
VMScore
CVE-2004-0106
Multiple unknown vulnerabilities in XFree86 4.1.0 to 4.3.0, related to improper handling of font files, a different set of vulnerabilities than CVE-2004-0083 and CVE-2004-0084.
Xfree86 Project X11r6 4.3.0
Xfree86 Project X11r6 4.2.1
Xfree86 Project X11r6 4.1.12
Xfree86 Project X11r6 4.2.0
Xfree86 Project X11r6 4.1.0
Xfree86 Project X11r6 4.1.11
Openbsd Openbsd 3.3
Openbsd Openbsd 3.4
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3581
reflected XSS
CVE-2024-26925
CVE-2024-27956
LFI
CVE-2024-3607
CVE-2024-3107
CVE-2024-3295
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »