Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
4.3
CVSSv2

CVE-2014-8091

Published: 10/12/2014 Updated: 13/02/2023
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
VMScore: 383
Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P
Subscribe to Xorg-server

Vulnerability Summary

X.Org X Window System (aka X11 and X) X11R5 and X.Org Server (aka xserver and xorg-server) prior to 1.16.3, when using SUN-DES-1 (Secure RPC) authentication credentials, does not check the return value of a malloc call, which allows remote malicious users to cause a denial of service (NULL pointer dereference and server crash) via a crafted connection request.

Vulnerable Product Search on Vulmon Subscribe to Product

x.org xorg-server

x.org x11 5.0

Vendor Advisories

Red Hat: Important: xorg-x11-server security update
Synopsis Important: xorg-x11-server security update Type/Severity Security Advisory: Important Topic Updated xorg-x11-server packages that fix multiple security issues are nowavailable for Red Hat Enterprise Linux 6 and 7Red Hat Product Security has rated this update as having Important securityimpact Com ...
Red Hat: Important: xorg-x11-server security update
Synopsis Important: xorg-x11-server security update Type/Severity Security Advisory: Important Topic Updated xorg-x11-server packages that fix multiple security issues are nowavailable for Red Hat Enterprise Linux 5Red Hat Product Security has rated this update as having Important securityimpact Common Vu ...
Ubuntu Security Notice: xorg-server, xorg-server-lts-trusty vulnerabilities
Several security issues were fixed in the XOrg X server ...
Ubuntu Security Notice: nvidia-graphics-drivers-304, nvidia-graphics-drivers-304-updates, nvidia-graphics-drivers-331, nvidia-graphics-drivers-331-updates vulnerabilities
Several security issues were fixed in the NVIDIA graphics drivers ...
Debian Security Advisories: DSA-3095-1 xorg-server -- security update
Ilja van Sprundel of IOActive discovered several security issues in the Xorg X server, which may lead to privilege escalation or denial of service For the stable distribution (wheezy), these problems have been fixed in version 1124-6+deb7u5 For the upcoming stable distribution (jessie), these problems will be fixed soon For the unstable distr ...
Amazon Linux AMI: ALAS-2015-470
Multiple integer overflow flaws and out-of-bounds write flaws were found in the way the XOrg server calculated memory requirements for certain X11 core protocol and GLX extension requests A malicious, authenticated client could use either of these flaws to crash the XOrg server or, potentially, execute arbitrary code with root privileges (CVE-2 ...

References

NVD-CWE-Otherhttp://www.x.org/wiki/Development/Security/Advisory-2014-12-09/http://secunia.com/advisories/62292http://www.debian.org/security/2014/dsa-3095http://advisories.mageia.org/MGASA-2014-0532.htmlhttp://www.mandriva.com/security/advisories?name=MDVSA-2015:119http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.htmlhttp://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.htmlhttp://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.htmlhttp://www.securityfocus.com/bid/71597https://security.gentoo.org/glsa/201504-06http://secunia.com/advisories/61947https://nvd.nist.govhttps://access.redhat.com/errata/RHSA-2014:1983https://usn.ubuntu.com/2436-1/
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-30924CVE-2024-3400overflowCVE-2024-23528CVE-2024-21338CVE-2024-3818CVE-2024-23535NULL pointer dereferenceelevation of privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook