Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
xfree86 vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2000-0453
XFree86 3.3.x and 4.0 allows a user to cause a denial of service via a negative counter value in a malformed TCP packet that is sent to port 6000.
Xfree86 Project X11r6 3.3.6
Xfree86 Project X11r6 4.0
Xfree86 Project X11r6 3.3.5
1 EDB exploit
7.2
CVSSv2
CVE-2001-0955
Buffer overflow in fbglyph.c in XFree86 prior to 4.2.0, related to glyph clipping for large origins, allows malicious users to cause a denial of service and possibly gain privileges via a large number of characters, possibly through the web page search form of KDE Konqueror or fr...
Xfree86 Project X11r6 4.0
Xfree86 Project X11r6 4.0.1
Xfree86 Project X11r6 4.0.3
7.5
CVSSv2
CVE-2004-0687
Multiple stack-based buffer overflows in (1) xpmParseColors in parse.c, (2) ParseAndPutPixels in create.c, and (3) ParsePixels in parse.c for libXpm prior to 6.8.1 allow remote malicious users to execute arbitrary code via a malformed XPM image file.
Xfree86 Project X11r6 4.1.0
Xfree86 Project X11r6 3.3.6
Xfree86 Project X11r6 4.0.2.11
Xfree86 Project X11r6 4.0.3
X.org X11r6 6.7.0
Xfree86 Project X11r6 4.3.0
Xfree86 Project X11r6 4.2.1
X.org X11r6 6.8
Xfree86 Project X11r6 4.0
Xfree86 Project X11r6 4.0.1
Xfree86 Project X11r6 4.2.0
Xfree86 Project X11r6 4.1.12
Xfree86 Project X11r6 4.1.11
Suse Suse Linux 9.0
Suse Suse Linux 8.2
Suse Suse Linux 8
Suse Suse Linux 9.1
Openbsd Openbsd 3.5
Openbsd Openbsd 3.4
Suse Suse Linux 8.1
7.5
CVSSv2
CVE-2004-0688
Multiple integer overflows in (1) the xpmParseColors function in parse.c, (2) XpmCreateImageFromXpmImage, (3) CreateXImage, (4) ParsePixels, and (5) ParseAndPutPixels for libXpm prior to 6.8.1 may allow remote malicious users to execute arbitrary code via a malformed XPM image fi...
Xfree86 Project X11r6 4.0.3
Xfree86 Project X11r6 4.1.0
Xfree86 Project X11r6 4.0.1
Xfree86 Project X11r6 4.0.2.11
Xfree86 Project X11r6 4.2.1
Xfree86 Project X11r6 4.3.0
X.org X11r6 6.7.0
X.org X11r6 6.8
Xfree86 Project X11r6 4.1.11
Xfree86 Project X11r6 4.1.12
Xfree86 Project X11r6 3.3.6
Xfree86 Project X11r6 4.0
Xfree86 Project X11r6 4.2.0
Openbsd Openbsd 3.4
Suse Suse Linux 9.0
Suse Suse Linux 9.1
Openbsd Openbsd 3.5
Suse Suse Linux 8.1
Suse Suse Linux 8.2
Suse Suse Linux 8
3.6
CVSSv2
CVE-2001-1409
dexconf in XFree86 Xserver 4.1.0-2 creates the /dev/dri directory with insecure permissions (666), which allows local users to replace or create files in the root file system.
Xfree86 Project Xfree86 X Server 4.1.0.2
9.3
CVSSv2
CVE-2007-5760
Array index error in the XFree86-Misc extension in X.Org Xserver prior to 1.4.1 allows context-dependent malicious users to execute arbitrary code via a PassMessage request containing a large array index.
Xfree86 Project Xfree86-misc
X.org Xserver
7.2
CVSSv2
CVE-2006-3739
Integer overflow in the CIDAFM function in X.Org 6.8.2 and XFree86 X server allows local users to execute arbitrary code via crafted Adobe Font Metrics (AFM) files with a modified number of character metrics (StartCharMetrics), which leads to a heap-based buffer overflow.
X.org X.org 6.8.2
Xfree86 Project Xfree86 X
7.2
CVSSv2
CVE-2006-3740
Integer overflow in the scan_cidfont function in X.Org 6.8.2 and XFree86 X server allows local users to execute arbitrary code via crafted (1) CMap and (2) CIDFont font data with modified item counts in the (a) begincodespacerange, (b) cidrange, and (c) notdefrange sections.
X.org X.org 6.8.2
Xfree86 Project Xfree86 X
7.5
CVSSv2
CVE-2001-1086
XDM in XFree86 3.3 and 3.3.3 generates easily guessable cookies using gettimeofday() when compiled with the HasXdmXauth option, which allows remote malicious users to gain unauthorized access to the X display via a brute force attack.
Xfree86 Project X11r6 3.3
Xfree86 Project X11r6 3.3.3
1 EDB exploit
7.2
CVSSv2
CVE-2002-1472
Untrusted search path vulnerability in libX11.so in xfree86, when used in setuid or setgid programs, allows local users to gain root privileges via a modified LD_PRELOAD environment variable that points to a malicious module.
Xfree86 Project X11r6 4.1.0
Xfree86 Project X11r6 4.2.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48693
CVE-2024-30851
CVE-2024-34460
CVE-2024-2887
local
CVE-2024-27956
remote code execution
CVE-2024-34475
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »