10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.006 Low
EPSS
Percentile
76.6%
XFree86 is an implementation of the X Window System, which provides the
core functionality for the Linux graphical desktop.
iDefense reported three integer overflow flaws in the XFree86 Render and
DBE extensions. A malicious authorized client could exploit this issue to
cause a denial of service (crash) or potentially execute arbitrary code
with root privileges on the XFree86 server. (CVE-2006-6101, CVE-2006-6102,
CVE-2006-6103)
Users of XFree86 should upgrade to these updated packages, which contain a
backported patch and is not vulnerable to this issue.