Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
debianDebianDEBIAN:DSA-3095-1:40E46
HistoryDec 10, 2014 - 6:32 p.m.

[SECURITY] [DSA 3095-1] xorg-server security update

2014-12-1018:32:55
lists.debian.org
5

6.5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

0.006 Low

EPSS

Percentile

77.5%

JSON

Debian Security Advisory DSA-3095-1 [email protected]
http://www.debian.org/security/ Moritz Muehlenhoff
December 10, 2014 http://www.debian.org/security/faq

Package : xorg-server
CVE ID : CVE-2014-8091 CVE-2014-8092 CVE-2014-8093 CVE-2014-8094
CVE-2014-8095 CVE-2014-8096 CVE-2014-8097 CVE-2014-8098
CVE-2014-8099 CVE-2014-8100 CVE-2014-8101 CVE-2014-8102

Ilja van Sprundel of IOActive discovered several security issues in the
X.org X server, which may lead to privilege escalation or denial of
service.

For the stable distribution (wheezy), these problems have been fixed in
version 1.12.4-6+deb7u5.

For the upcoming stable distribution (jessie), these problems will be
fixed soon.

For the unstable distribution (sid), these problems have been fixed in
version 2:1.16.2.901-1.

We recommend that you upgrade your xorg-server packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: [email protected]

OSVersionArchitecturePackageVersionFilename
Debian7ia64xserver-xorg-core-dbg< 2:1.12.4-6+deb7u5xserver-xorg-core-dbg_2:1.12.4-6+deb7u5_ia64.deb
Debian7i386xserver-xorg-core< 2:1.12.4-6+deb7u5xserver-xorg-core_2:1.12.4-6+deb7u5_i386.deb
Debian6i386xserver-xorg-core-dbg< 2:1.7.7-18+deb6u1xserver-xorg-core-dbg_2:1.7.7-18+deb6u1_i386.deb
Debian7s390xxnest< 2:1.12.4-6+deb7u5xnest_2:1.12.4-6+deb7u5_s390x.deb
Debian7kfreebsd-amd64xdmx< 2:1.12.4-6+deb7u5xdmx_2:1.12.4-6+deb7u5_kfreebsd-amd64.deb
Debian7kfreebsd-amd64xserver-xorg-core< 2:1.12.4-6+deb7u5xserver-xorg-core_2:1.12.4-6+deb7u5_kfreebsd-amd64.deb
Debian7mipsxserver-xfbdev< 2:1.12.4-6+deb7u5xserver-xfbdev_2:1.12.4-6+deb7u5_mips.deb
Debian7powerpcxserver-xephyr< 2:1.12.4-6+deb7u5xserver-xephyr_2:1.12.4-6+deb7u5_powerpc.deb
Debian7sparcxdmx< 2:1.12.4-6+deb7u5xdmx_2:1.12.4-6+deb7u5_sparc.deb
Debian7kfreebsd-i386xserver-xorg-core< 2:1.12.4-6+deb7u5xserver-xorg-core_2:1.12.4-6+deb7u5_kfreebsd-i386.deb
Rows per page:
1-10 of 1501

Related

openvas 21
osv 1
freebsd 2
redhat 2
nessus 27
ibm 1
suse 1
centos 2
debian 2
mageia 3
securityvulns 4
amazon 1
slackware 1
ubuntu 2
archlinux 4
oraclelinux 2
gentoo 1
fedora 3
veracode 12
prion 12
cve 12
ubuntucve 13
debiancve 12
kaspersky 1
oracle 1
openvas
openvas
Debian Security Advisory DSA 3095-1 (xorg-server - security update)
2014-12-10 00:00:00
Debian: Security Advisory (DSA-3095-1)
2014-12-09 00:00:00
Mageia: Security Advisory (MGASA-2014-0532)
2022-01-28 00:00:00
osv
osv
xorg-server - security update
2014-12-10 00:00:00
freebsd
freebsd
xserver -- multiple issue with X client request handling
2014-12-09 00:00:00
NVIDIA UNIX driver -- remote denial of service or arbitrary code execution
2014-12-03 00:00:00
redhat
redhat
(RHSA-2014:1982) Important: xorg-x11-server security update
2014-12-11 00:00:00
(RHSA-2014:1983) Important: xorg-x11-server security update
2014-12-11 00:00:00
nessus
nessus
Scientific Linux Security Update : xorg-x11-server on SL5.x i386/x86_64 (20141211)
2014-12-15 00:00:00
Debian DSA-3095-1 : xorg-server - security update
2014-12-15 00:00:00
SuSE 11.3 Security Update : xorg-x11-server (SAT Patch Number 10108)
2015-01-15 00:00:00
ibm
ibm
Security Bulletin: Multiple vulnerabilities in xorg-x11-server affect IBM Flex System Manager (FSM)
2019-01-31 02:10:01
suse
suse
Security update for xorg-x11-server (important)
2015-01-14 23:04:43
centos
centos
xorg security update
2014-12-11 20:11:55
xorg security update
2014-12-11 19:58:14
debian
debian
[SECURITY] [DLA 120-1] xorg-server security update
2014-12-22 10:23:16
[SECURITY] [DLA 120-2] xorg-server regression update
2015-05-04 04:06:46
mageia
mageia
Updated x11-server packages fix security vulnerabilities
2014-12-19 18:06:35
Updated nvidia packages fix security vulnerabilities
2015-01-07 18:14:58
Updated x11-server packages fix CVE-2015-3418
2015-05-06 18:16:01
securityvulns
securityvulns
[USN-2436-1] X.Org X server vulnerabilities
2014-12-11 00:00:00
X.Org X server and video drivers multiple security vulnerabilities
2014-12-11 00:00:00
[USN-2438-1] NVIDIA graphics drivers vulnerabilities
2014-12-11 00:00:00
amazon
amazon
Important: xorg-x11-server
2015-01-15 14:49:00
slackware
slackware
[slackware-security] xorg-server
2014-12-23 05:39:09
ubuntu
ubuntu
X.Org X server vulnerabilities
2014-12-09 00:00:00
NVIDIA graphics drivers vulnerabilities
2014-12-10 00:00:00
archlinux
archlinux
xorg-server: multiple issues
2014-12-12 00:00:00
nvidia-304xx: arbitrary code execution
2014-12-12 00:00:00
nvidia: arbitrary code execution
2014-12-12 00:00:00
oraclelinux
oraclelinux
xorg-x11-server security update
2014-12-11 00:00:00
xorg-x11-server security update
2014-12-11 00:00:00
gentoo
gentoo
X.Org X Server: Multiple vulnerabilities
2015-04-17 00:00:00
fedora
fedora
[SECURITY] Fedora 20 Update: nx-libs-3.5.0.29-1.fc20
2015-03-26 21:29:40
[SECURITY] Fedora 21 Update: nx-libs-3.5.0.29-1.fc21
2015-03-26 21:51:39
[SECURITY] Fedora 22 Update: nx-libs-3.5.0.29-1.fc22
2015-03-21 04:53:26
veracode
veracode
Arbitrary Code Execution
2019-05-02 05:05:57
Denial Of Service (DoS)
2019-01-15 09:03:27
Arbitrary Code Execution
2019-05-02 05:05:57
prion
prion
Null pointer dereference
2014-12-10 15:59:00
Out-of-bounds
2014-12-10 15:59:00
Out-of-bounds
2014-12-10 15:59:00
cve
cve
CVE-2014-8092
2014-12-10 15:59:00
CVE-2014-8094
2014-12-10 15:59:00
CVE-2014-8093
2014-12-10 15:59:00
ubuntucve
ubuntucve
CVE-2014-8095
2014-12-09 00:00:00
CVE-2014-8094
2014-12-09 00:00:00
CVE-2014-8093
2014-12-09 00:00:00
debiancve
debiancve
CVE-2014-8095
2014-12-10 15:59:00
CVE-2014-8093
2014-12-10 15:59:00
CVE-2014-8098
2014-12-10 15:59:00
kaspersky
kaspersky
KLA10630 Multiple vulnerabilities in Oracle VM VirtualBox
2015-07-14 00:00:00
oracle
oracle
Oracle Critical Patch Update Advisory - July 2015
2015-07-14 00:00:00

6.5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

0.006 Low

EPSS

Percentile

77.5%

JSON
Related for DEBIAN:DSA-3095-1:40E46
openvas21osv1freebsd2redhat2nessus27ibm1suse1centos2debian2mageia3securityvulns4amazon1slackware1ubuntu2archlinux4oraclelinux2gentoo1fedora3veracode12prion12cve12ubuntucve13debiancve12kaspersky1oracle1