Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
x.org xserver vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2011-4029
The LockServer function in os/utils.c in X.Org xserver prior to 1.11.2 allows local users to change the permissions of arbitrary files to 444, read those files, and possibly cause a denial of service (removed execution permission) via a symlink attack on a temporary lock file.
X.org X Server 1.11.0
X.org X Server
1 EDB exploit
1 Github repository
NA
CVE-2011-0465
xrdb.c in xrdb prior to 1.0.9 in X.Org X11R7.6 and previous versions allows remote malicious users to execute arbitrary commands via shell metacharacters in a hostname obtained from a (1) DHCP or (2) XDMCP message.
X X11 R7.0
X X11 R3
X X11 R6.1
X X11 R6.8.0
Matthias Hopf Xrdb 1.0.2
X X11 R6.7
X X11 R7.2
X X11 R2
X X11
X X11 R7.1
X X11 R7.5
X X11 R5
X X11 R6.9.0
X X11 R7.3
X X11 R1
X X11 R6.8.1
X X11 R6.4
Matthias Hopf Xrdb 1.0.4
Matthias Hopf Xrdb
Matthias Hopf Xrdb 1.0.7
Matthias Hopf Xrdb 1.0.5
X X11 R4
NA
CVE-2007-6427
The XInput extension in X.Org Xserver prior to 1.4.1 allows context-dependent malicious users to execute arbitrary code via requests related to byte swapping and heap corruption within multiple functions, a different vulnerability than CVE-2007-4990.
X.org X Server
Canonical Ubuntu Linux 6.06
Canonical Ubuntu Linux 7.04
Canonical Ubuntu Linux 7.10
Canonical Ubuntu Linux 6.10
Debian Debian Linux 3.1
Debian Debian Linux 4.0
Apple Mac Os X
Fedoraproject Fedora 8
Fedoraproject Fedora 7
Opensuse Opensuse 10.2
Suse Linux Enterprise Server 9
Opensuse Opensuse 10.3
Suse Linux Enterprise Software Development Kit 10
Suse Linux Enterprise Server 10
Suse Linux Enterprise Desktop 10
Suse Open Enterprise Server -
Suse Linux 10.1
Suse Linux Enterprise Server 8
Suse Linux Enterprise Desktop 9
NA
CVE-2007-6429
Multiple integer overflows in X.Org Xserver prior to 1.4.1 allow context-dependent malicious users to execute arbitrary code via (1) a GetVisualInfo request containing a 32-bit value that is improperly used to calculate an amount of memory for allocation by the EVI extension, or ...
X.org Xserver
X.org Evi
X.org Mit-shm
NA
CVE-2007-5958
X.Org Xserver prior to 1.4.1 allows local users to determine the existence of arbitrary files via a filename argument in the -sp option to the X program, which produces different error messages depending on whether the filename exists.
X.org Xserver
1 EDB exploit
NA
CVE-2007-6428
The ProcGetReservedColormapEntries function in the TOG-CUP extension in X.Org Xserver prior to 1.4.1 allows context-dependent malicious users to read the contents of arbitrary memory locations via a request containing a 32-bit value that is improperly used as an array index.
X.org Xserver
X.org Tog-cup
NA
CVE-2008-0006
Buffer overflow in (1) X.Org Xserver prior to 1.4.1, and (2) the libfont and libXfont libraries on some platforms including Sun Solaris, allows context-dependent malicious users to execute arbitrary code via a PCF font with a large difference between the last col and first col va...
X.org Xserver
Sun Solaris Libxfont
Sun Solaris Libfont
NA
CVE-2007-5760
Array index error in the XFree86-Misc extension in X.Org Xserver prior to 1.4.1 allows context-dependent malicious users to execute arbitrary code via a PassMessage request containing a large array index.
X.org Xserver
Xfree86 Project Xfree86-misc
NA
CVE-2007-2437
The X render (Xrender) extension in X.org X Window System 7.0, 7.1, and 7.2, with Xserver 1.3.0 and previous versions, allows remote authenticated users to cause a denial of service (daemon crash) via crafted values to the (1) XRenderCompositeTrapezoids and (2) XRenderAddTraps fu...
X.org X Window System 7.2
X.org Xserver
X.org X Window System 7.0
X.org X Window System 7.1
1 EDB exploit
NA
CVE-2007-1003
Integer overflow in ALLOCATE_LOCAL in the ProcXCMiscGetXIDList function in the XC-MISC extension in the X.Org X11 server (xserver) 7.1-1.1.0, and other versions prior to 20070403, allows remote authenticated users to execute arbitrary code via a large expression, which results in...
X.org X11 7.1 1.1.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27802
template injection
CVE-2024-0044
code injection
CVE-2024-35474
CVE-2024-27857
CVE-2024-23251
CVE-2024-23692
physical
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »