Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
xfree86 project xfree86 vulnerabilities and exploits
(subscribe to this query)
409
VMScore
CVE-2000-1060
The default configuration of XFCE 3.5.1 bypasses the Xauthority access control mechanism with an "xhost + localhost" command in the xinitrc program, which allows local users to sniff X Windows traffic and gain privileges.
Xfree86 Project Xfce 3.5.1
505
VMScore
CVE-2000-0476
xterm, Eterm, and rxvt allow an malicious user to cause a denial of service by embedding certain escape characters which force the window to be resized.
Putty Putty 0.48
Xfree86 Project X11r6 3.3.3
Xfree86 Project X11r6 4.0
Michael Jennings Eterm 0.8.10
Rxvt Rxvt 2.6.1
1 EDB exploit
890
VMScore
CVE-2006-6102
Integer overflow in the ProcDbeGetVisualInfo function in the DBE extension for X.Org 6.8.2, 6.9.0, 7.0, and 7.1, and XFree86 X server, allows local users to execute arbitrary code via a crafted X protocol request that triggers memory corruption during processing of unspecified da...
X.org X.org 6.9.0
X.org X.org 7.0
X.org X.org 6.8.2
X.org X.org 7.1
Xfree86 Project Xfree86 X Server
668
VMScore
CVE-2003-0730
Multiple integer overflows in the font libraries for XFree86 4.3.0 allow local or remote malicious users to cause a denial of service or execute arbitrary code via heap-based and stack-based buffer overflow attacks.
Xfree86 Project X11r6 4.2.1
Xfree86 Project X11r6 4.3.0
Netbsd Netbsd 1.5.1
Netbsd Netbsd 1.5.2
Netbsd Netbsd 1.5
Netbsd Netbsd 1.5.3
Netbsd Netbsd 1.6
Netbsd Netbsd 1.6.1
668
VMScore
CVE-2004-0419
XDM in XFree86 opens a chooserFd TCP socket even when DisplayManager.requestPort is 0, which could allow remote malicious users to connect to the port, in violation of the intended restrictions.
X.org X11r6 6.7.0
Xfree86 Project Xdm Cvs
Gentoo Linux 1.4
755
VMScore
CVE-2002-1317
Buffer overflow in Dispatch() routine for XFS font server (fs.auto) on Solaris 2.5.1 through 9 allows remote malicious users to cause a denial of service (crash) or execute arbitrary code via a certain XFS query.
Xfree86 Project X11r6 3.3.4
Xfree86 Project X11r6 3.3.5
Sgi Irix 6.5.2
Sgi Irix 6.5.3
Xfree86 Project X11r6 3.3
Sgi Irix 6.5.10
Sgi Irix 6.5.11
Sgi Irix 6.5.6
Sgi Irix 6.5.7
Sgi Irix 6.5.8
Xfree86 Project X11r6 3.3.2
Xfree86 Project X11r6 3.3.3
Sgi Irix 6.5.12
Sgi Irix 6.5.13
Sgi Irix 6.5.9
Sgi Irix 6.5
Sgi Irix 6.5.1
Sgi Irix 6.5.4
Sgi Irix 6.5.5
Hp Hp-ux 10.10
Hp Hp-ux 10.20
Sun Solaris 2.5.1
1 EDB exploit
890
VMScore
CVE-1999-0241
Guessable magic cookies in X Windows allows remote malicious users to execute commands, e.g. through xterm.
Sgi Irix
Xfree86 Project X11r6
Sun Solaris 2.5.1
Sun Solaris 2.5
Sun Solaris 7.0
Sun Sunos -
756
VMScore
CVE-2007-1351
Integer overflow in the bdfReadCharacters function in bdfread.c in (1) X.Org libXfont prior to 20070403 and (2) freetype 2.3.2 and previous versions allows remote authenticated users to execute arbitrary code via crafted BDF fonts, which result in a heap overflow.
Ubuntu Ubuntu Linux 6.06 Lts
Ubuntu Ubuntu Linux 5.10
Ubuntu Ubuntu Linux 6.10
X.org Libxfont 1.2.2
Xfree86 Project X11r6 4.3.0
Xfree86 Project X11r6 4.3.0.1
Xfree86 Project X11r6 4.3.0.2
Rpath Rpath Linux 1
Redhat Enterprise Linux 2.1
Redhat Enterprise Linux 4.0
Redhat Linux Advanced Workstation 2.1
Redhat Enterprise Linux 3.0
Redhat Enterprise Linux Desktop 3.0
Redhat Enterprise Linux Desktop 4.0
Redhat Enterprise Linux 5.0
Openbsd Openbsd 3.9
Openbsd Openbsd 4.0
Mandrakesoft Mandrake Multi Network Firewall 2.0
465
VMScore
CVE-1999-0433
XFree86 startx command is vulnerable to a symlink attack, allowing local users to create files in restricted directories, possibly allowing them to gain privileges or cause a denial of service.
Xfree86 Project X11r6 3.3.3
Slackware Slackware Linux 3.5
Redhat Linux 5.1
Redhat Linux 5.2
Slackware Slackware Linux 3.4
Netbsd Netbsd 1.3.3
Slackware Slackware Linux 4.0
Suse Suse Linux 5.2
Suse Suse Linux 6.0
Suse Suse Linux 6.1
Suse Suse Linux 5.1
Slackware Slackware Linux 3.6
Slackware Slackware Linux 3.3
Netbsd Netbsd 1.3.2
1 EDB exploit
338
VMScore
CVE-2007-1352
Integer overflow in the FontFileInitTable function in X.Org libXfont prior to 20070403 allows remote authenticated users to execute arbitrary code via a long first line in the fonts.dir file, which results in a heap overflow.
Mandrakesoft Mandrake Multi Network Firewall 2.0
X.org Libxfont 1.2.2
Redhat Enterprise Linux 2.1
Redhat Enterprise Linux 3.0
Redhat Enterprise Linux 4.0
Redhat Fedora Core Core 1.0
Redhat Linux 9.0
Redhat Enterprise Linux Desktop 5.0
Redhat Linux Advanced Workstation 2.1
Redhat Enterprise Linux Desktop 3.0
Redhat Enterprise Linux Desktop 4.0
Slackware Slackware Linux Current
Slackware Slackware Linux 9.0
Slackware Slackware Linux 9.1
Turbolinux Turbolinux Desktop 10.0
Ubuntu Ubuntu Linux 5.10
Ubuntu Ubuntu Linux 6.06 Lts
Ubuntu Ubuntu Linux 6.10
Ubuntu Ubuntu Linux 4.1
Rpath Linux 1
Openbsd Openbsd 3.9
Openbsd Openbsd 4.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-3400
deserialization
CVE-2024-21788
CVE-2023-42433
CVE-2024-21841
CVE-2024-22095
local file inclusion
memory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »