xrdb.c in xrdb prior to 1.0.9 in X.Org X11R7.6 and previous versions allows remote malicious users to execute arbitrary commands via shell metacharacters in a hostname obtained from a (1) DHCP or (2) XDMCP message.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
x x11 |
||
x x11 r7.5 |
||
matthias hopf xrdb 1.0.6 |
||
matthias hopf xrdb 1.0.5 |
||
matthias hopf xrdb 1.0.4 |
||
x x11 r6.8.0 |
||
x x11 r6.7.0 |
||
x x11 r6 |
||
x x11 r5 |
||
matthias hopf xrdb |
||
matthias hopf xrdb 1.0.7 |
||
x x11 r6.8.2 |
||
x x11 r6.8.1 |
||
x x11 r6.3 |
||
x x11 r6.1 |
||
x x11 r7.2 |
||
x x11 r7.1 |
||
x x11 r7.0 |
||
x x11 r6.9.0 |
||
x x11 r6.5.1 |
||
x x11 r6.4 |
||
x x11 r2 |
||
x x11 r1 |
||
x x11 r7.4 |
||
x x11 r7.3 |
||
matthias hopf xrdb 1.0.3 |
||
matthias hopf xrdb 1.0.2 |
||
x x11 r6.7 |
||
x x11 r6.6 |
||
x x11 r4 |
||
x x11 r3 |