CVE-2014-8097

The DBE extension in X.Org X Window System aka X11 or X X11R6.1 and X.Org Server aka xserver and xorg-server before 1.16.3 allows remote authenticated users to cause a denial of service out-of-bounds read or write or possibly execute arbitrary code via a crafted length or index value to the 1...

CVE-2014-8102

The SProcXFixesSelectSelectionInput function in the XFixes extension in X.Org X Window System aka X11 or X X11R6.8.0 and X.Org Server aka xserver and xorg-server before 1.16.3 allows remote authenticated users to cause a denial of service out-of-bounds read or write or possibly execute arbitrary...

CVE-2014-8091

X.Org X Window System aka X11 and X X11R5 and X.Org Server aka xserver and xorg-server before 1.16.3, when using SUN-DES-1 Secure RPC authentication credentials, does not check the return value of a malloc call, which allows remote attackers to cause a denial of service NULL pointer dereference a...

CVE-2014-8096

The SProcXCMiscGetXIDList function in the XC-MISC extension in X.Org X Window System aka X11 or X X11R6.0 and X.Org Server aka xserver and xorg-server before 1.16.3 allows remote authenticated users to cause a denial of service out-of-bounds read or write or possibly execute arbitrary code via a...

CVE-2014-8091

CVE-2014-8091 affects the X.Org X Window System server (X.Org X11, X.Org Server) prior to 1.16.3. The issue arises when using SUN-DES-1 (Secure RPC) credentials: malloc’s return value is not checked, enabling a remote attacker to trigger a denial of service via a crafted connection request, resul...

CVE-2014-8102

CVE-2014-8102 affects the X.Org X Window System's XFixes extension: SProcXFixesSelectSelectionInput in the XFixes extension of X.Org X Server versions before 1.16.3. A remote authenticated user can trigger an out-of-bounds read or write, leading to denial of service or potentially executing arbit...

CVE-2014-8100

CVE-2014-8100 affects X.Org X Server (and the X Render extension) prior to 1.16.3. A crafted length/index value to multiple Render-related handlers can trigger out-of-bounds read/write, enabling remote authenticated users to cause denial of service or potentially execute arbitrary code. Affected ...

CVE-2014-8099

The connected documents confirm CVE-2014-8099 is among a set of X.Org X server vulnerabilities affecting the XVideo extension. The issues arise from out-of-bounds reads/writes and integer overflow when handling certain memory/length values in various Xv-related SProc and related extension functio...

CVE-2014-8098

Affected software: X.Org X Window System (X.Org Server), GLX extension in X.Org X server prior to version 1.16.3. Root cause: several functions exposed via the GLX and other X11 core protocol paths accept crafted length or index values, enabling out-of-bounds read/write that could crash the serve...

CVE-2014-8097

CVE-2014-8097 is a vulnerability in the X.Org X Server DBE extension present in X.Org X Window System before 1.16.3. It allows remote authenticated users to trigger an out-of-bounds read or write via a crafted length or index value to the DBE-related functions (DbeSwapBuffers family), potentially...

CVE-2014-8096

CVE-2014-8096 affects the X.Org X Server (XC-MISC SProcXCMiscGetXIDList function) prior to 1.16.3. A crafted length or index value by a remote, authenticated client can cause an out-of-bounds read/write, potentially leading to denial of service or arbitrary code execution. Remediation: upgrade to...

CVE-2014-8092

Summary (CVE-2014-8092) : The X.Org X Server (X.Org X Window System) before version 1.16.3 is affected. The issue arises from multiple integer overflows and out-of-bounds memory access during handling of X11 core requests (notably in ProcPutImage, GetHosts, RegionSizeof, and various other functio...

CVE-2014-8101

CVE-2014-8101 affects the RandR extension of X.Org X Server (X11) prior to 1.16.3. A remote authenticated user can trigger an out-of-bounds read/write via crafted length or index values in SProcRRQueryVersion, SProcRRGetScreenInfo, SProcRRSelectInput, or SProcRRConfigureOutputProperty, potentiall...

CVE-2014-8095

CVE-2014-8095 affects X.Org X Server/X11R4 and later up to versions before 1.16.3. A crafted length or index value to a large set of X server/extension handlers (including XInput, DRI2/GLX, Render, XFixes, XI/others) can cause out-of-bounds reads/writes, leading to Denial of Service and potential...

CVE-2014-8093

Multiple integer overflows in the GLX extension in XFree86 4.0, X.Org X Window System aka X11 or X X11R6.7, and X.Org Server aka xserver and xorg-server before 1.16.3 allow remote authenticated users to cause a denial of service crash or possibly execute arbitrary code via a crafted request to th...

CVE-2014-8096

The SProcXCMiscGetXIDList function in the XC-MISC extension in X.Org X Window System aka X11 or X X11R6.0 and X.Org Server aka xserver and xorg-server before 1.16.3 allows remote authenticated users to cause a denial of service out-of-bounds read or write or possibly execute arbitrary code via a...

CVE-2014-8097

The DBE extension in X.Org X Window System aka X11 or X X11R6.1 and X.Org Server aka xserver and xorg-server before 1.16.3 allows remote authenticated users to cause a denial of service out-of-bounds read or write or possibly execute arbitrary code via a crafted length or index value to the 1...

CVE-2014-8099

The XVideo extension in XFree86 4.0.0, X.Org X Window System aka X11 or X X11R6.7, and X.Org Server aka xserver and xorg-server before 1.16.3 allows remote authenticated users to cause a denial of service out-of-bounds read or write or possibly execute arbitrary code via a crafted length or index...

CVE-2014-8098

The GLX extension in XFree86 4.0, X.Org X Window System aka X11 or X X11R6.7, and X.Org Server aka xserver and xorg-server before 1.16.3 allows remote authenticated users to cause a denial of service out-of-bounds read or write or possibly execute arbitrary code via a crafted length or index valu...

CVE-2014-8101

The RandR extension in XFree86 4.2.0, X.Org X Window System aka X11 or X X11R6.7, and X.Org Server aka xserver and xorg-server before 1.16.3 allows remote authenticated users to cause a denial of service out-of-bounds read or write or possibly execute arbitrary code via a crafted length or index...