libX11: Off-by-one error in XListExtensions in ListExt.c

An off-by-one error has been discovered in libX11 in functions XGetFontPath, XListExtensions, and XListFonts. An attacker who can either configure a malicious X server or modify the data coming from one could use this flaw to make the program crash or have other unspecified effects, caused by the...

Moderate: Red Hat Security Advisory: Xorg security and bug fix update

An update for Xorg is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the C...

Low: Red Hat Security Advisory: kde-workspace security and bug fix update

An update for kde-workspace, kde-settings, kdelibs, kmag, and virtuoso-opensource is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

Fedora Update for cairo FEDORA-2018-3a195026f5

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Integer Overflow

The GIMP GNU Image Manipulation Program is an image composition and editing program. A stack-based buffer overflow flaw, a heap-based buffer overflow, and an integer overflow flaw were found in the way GIMP loaded certain X Window System XWD image dump files. A remote attacker could provide a...

Denial Of Service (DoS)

X.Org is an open source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon. A flaw was found in the way the X.Org server handled lock files. A local user with access to the system console could use thi...

The vulnerability of the windowing system for building the graphical user interface of the xorg operating system in Astra Linux allows a hacker to alter the settings of the X-Session.

The vulnerability of the window system for creating a graphical user interface in the Astra Linux operating system’s xorg lies in an incorrect setting of the allow-user-xsession parameter in "/etc/X11/Xsession.options". Exploiting this vulnerability could allow a hacker to alter the default...

The vulnerability of the XListExtensions function in the client-side API library for the X Window System libX11 allows a attacker to cause a service failure.

The vulnerability of the XListExtensions function ListExt.c in the client API library for the X Window System libX11 is related to an “unit not counted” error. Exploiting this vulnerability allows a remote attacker to cause a service failure through a specially crafted server response...

Denial Of Service (DoS)

xorg-x11-server is vulnerable to denial of service DoS attacks. The vulnerability exists as X.Org X Window System aka X11 and X X11R5 and X.Org Server aka xserver and xorg-server before 1.16.3, when using SUN-DES-1 Secure RPC authentication credentials, does not check the return value of a malloc...

Xorg X11 Server (AIX) - Local Privilege Escalation

Xorg X11 Server AIX - Local Privilege Escalation Exploit Title: AIX Xorg X11 Server - Local Privilege Escalation Date: 29/11/2018 Exploit Author: @0xdono Original Discovery and Exploit: Narendra Shinde Vendor Homepage: https://www.x.org/ Platform: AIX Version: X Window System Version 7.1.1 Filese...

xorg security update

CentOS Errata and Security Advisory CESA-2018:3410 An update for xorg-x11-server is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

X.Org X11 library: Multiple vulnerabilities

Background X.Org is an implementation of the X Window System. The X.Org X11 library provides the X11 protocol library files. Description Multiple vulnerabilities have been discovered in X.Org X11 library. Please review the CVE identifiers referenced below for details. Impact A remote attacker, by...

Oracle Linux 7 : xorg-x11-server (ELSA-2018-3410)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2018-3410 advisory. - CVE-2018-14665: Disable -logfile and -modulepath when running with elevated privileges Tenable has extracted the preceding description block directly from the...

Important: Red Hat Security Advisory: xorg-x11-server security update

An update for xorg-x11-server is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerabilit...

ALPINE-CVE-2018-14600

An issue was discovered in libX11 through 1.6.5. The function XListExtensions in ListExt.c interprets a variable as signed instead of unsigned, resulting in an out-of-bounds write of up to 128 bytes, leading to DoS or remote code execution...

X.org libX11 Denial of Service Vulnerability (CNVD-2018-16966)

X.Org libX11 is an X11 X Window System client library run by the X.Org Foundation. A denial of service vulnerability exists in the 'XListExtensions' function of the ListExt.c file in X.Org libX11 1.6.5 and earlier versions. An attacker can exploit this vulnerability by sending a reply that causes...

Debian DLA-1469-1 : libxcursor security update

It was discovered that there was a denial of service or potentially code execution vulnerability in libxcursor, a library designed to help locate and load cursors for the X Window System. For Debian 8 'Jessie', this issue has been fixed in libxcursor version 1:1.1.14-1+deb8u2. We recommend that y...

[SECURITY] Fedora 28 Update: qt3-3.3.8b-74.fc28

Qt is a GUI software toolkit which simplifies the task of writing and maintaining GUI Graphical User Interface applications for the X Window System. Qt is written in C++ and is fully object-oriented. This package contains the shared library needed to run Qt 3 applications, as well as the README...

[SECURITY] Fedora 27 Update: qt3-3.3.8b-74.fc27

Qt is a GUI software toolkit which simplifies the task of writing and maintaining GUI Graphical User Interface applications for the X Window System. Qt is written in C++ and is fully object-oriented. This package contains the shared library needed to run Qt 3 applications, as well as the README...

[SECURITY] Fedora 26 Update: ImageMagick-6.9.9.38-1.fc26

ImageMagick is an image display and manipulation tool for the X Window System. ImageMagick can read and write JPEG, TIFF, PNM, GIF, and Photo CD image formats. It can resize, rotate, sharpen, color reduce, or add special effects to an image, and when finished you can either save the completed wor...