Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
xfree86 vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2006-3467
Integer overflow in FreeType prior to 2.2 allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PCF file, as demonstrated by the Red Hat bad1.pcf test file, due to a partial fix of CVE-2006-1861.
Freetype Freetype
7.2
CVSSv2
CVE-1999-1489
Buffer overflow in TestChip function in XFree86 SuperProbe in Slackware Linux 3.1 allows local users to gain root privileges via a long -nopr argument.
Slackware Slackware Linux 3.1
1 EDB exploit
7.5
CVSSv2
CVE-1999-0434
XFree86 xfs command is vulnerable to a symlink attack, allowing local users to create files in restricted directories, possibly allowing them to gain privileges or cause a denial of service.
Debian Debian Linux 2.0
Debian Debian Linux 2.1
Netbsd Netbsd 1.3.3
Redhat Linux 5.1
Caldera Openlinux 1.2
Suse Suse Linux 5.3
4.6
CVSSv2
CVE-2002-0164
Vulnerability in the MIT-SHM extension of the X server on Linux (XFree86) 4.2.1 and previous versions allows local users to read and write arbitrary shared memory, possibly to cause a denial of service or gain privileges.
Caldera Openlinux Workstation 3.1.1
Caldera Openlinux Server 3.1
Caldera Openlinux Server 3.1.1
Caldera Openlinux Workstation 3.1
2.1
CVSSv2
CVE-2005-4691
imake in NetBSD prior to 2.0.3, NetBSD-current prior to 12 September 2005, certain versions of X.Org, and certain versions of XFree86 allows local users to overwrite arbitrary files via a symlink attack on the temporary file for the file.0 target, which is used for a pre-formatte...
Netbsd Netbsd 2.0
Netbsd Netbsd 2.0.1
Netbsd Netbsd 2.0.2
Netbsd Netbsd 1.6
Netbsd Netbsd 1.6.2
Netbsd Netbsd 1.6.1
7.5
CVSSv2
CVE-2017-12180
xorg-x11-server prior to 1.19.5 was missing length validation in XFree86 VidModeExtension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.
Debian Debian Linux 8.0
Debian Debian Linux 9.0
X.org Xorg-server
7.5
CVSSv2
CVE-2017-12181
xorg-x11-server prior to 1.19.5 was missing length validation in XFree86 DGA extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.
Debian Debian Linux 8.0
Debian Debian Linux 9.0
X.org Xorg-server
7.5
CVSSv2
CVE-2017-12182
xorg-x11-server prior to 1.19.5 was missing length validation in XFree86 DRI extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.
Debian Debian Linux 8.0
Debian Debian Linux 9.0
X.org Xorg-server
6.8
CVSSv2
CVE-2007-4568
Integer overflow in the build_range function in X.Org X Font Server (xfs) prior to 1.0.5 allows context-dependent malicious users to execute arbitrary code via (1) QueryXBitmaps and (2) QueryXExtents protocol requests with crafted size values, which triggers a heap-based buffer o...
X.org X Font Server 1.0.1
X.org X Font Server 1.0.2
X.org X Font Server 1.0.4
6.2
CVSSv2
CVE-2007-3103
The init.d script for the X.Org X11 xfs font server on various Linux distributions might allow local users to change the permissions of arbitrary files via a symlink attack on the /tmp/.font-unix temporary file.
Fedoraproject Fedora Core 6.0
Redhat Enterprise Linux 4.0
Redhat Enterprise Linux Desktop 4.0
Redhat Linux
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48693
CVE-2024-30851
CVE-2024-34460
CVE-2024-2887
local
CVE-2024-27956
remote code execution
CVE-2024-34475
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »