Lucene search
K

73 matches found

Cvelist
Cvelist
added 2008/01/18 10:0 p.m.21 views

CVE-2008-0006

Buffer overflow in 1 X.Org Xserver before 1.4.1, and 2 the libfont and libXfont libraries on some platforms including Sun Solaris, allows context-dependent attackers to execute arbitrary code via a PCF font with a large difference between the last col and first col values in the PCFBDFENCODINGS...

9.7AI score0.05108EPSS
Exploits0References67
CVE
CVE
added 2008/01/18 10:0 p.m.101 views

CVE-2008-0006

CVE-2008-0006 is a buffer overflow in the X.Org X server and its PCF font handling (libXfont/libfont). The flaw occurs when processing PCF_BDF_ENCODINGS where lastCol-firstCol > 255, enabling a context-dependent attacker to potentially execute arbitrary code or crash the X server. Public advis...

7.5CVSS9.7AI score0.05108EPSS
Exploits0References67Affected Software3
Debian CVE
Debian CVE
added 2008/01/18 10:0 p.m.26 views

CVE-2008-0006

Buffer overflow in 1 X.Org Xserver before 1.4.1, and 2 the libfont and libXfont libraries on some platforms including Sun Solaris, allows context-dependent attackers to execute arbitrary code via a PCF font with a large difference between the last col and first col values in the PCFBDFENCODINGS...

7.5CVSS7.6AI score0.05108EPSS
Exploits0
Debian CVE
Debian CVE
added 2008/01/18 10:0 p.m.35 views

CVE-2007-6429

Multiple integer overflows in X.Org Xserver before 1.4.1 allow context-dependent attackers to execute arbitrary code via 1 a GetVisualInfo request containing a 32-bit value that is improperly used to calculate an amount of memory for allocation by the EVI extension, or 2 a request containing valu...

9.3CVSS7.8AI score0.02495EPSS
Exploits1
Debian CVE
Debian CVE
added 2008/01/18 10:0 p.m.37 views

CVE-2007-5760

Array index error in the XFree86-Misc extension in X.Org Xserver before 1.4.1 allows context-dependent attackers to execute arbitrary code via a PassMessage request containing a large array index...

9.3CVSS7.2AI score0.03286EPSS
Exploits0
Cvelist
Cvelist
added 2008/01/18 10:0 p.m.33 views

CVE-2007-6427

The XInput extension in X.Org Xserver before 1.4.1 allows context-dependent attackers to execute arbitrary code via requests related to byte swapping and heap corruption within multiple functions, a different vulnerability than CVE-2007-4990...

9.8AI score0.04278EPSS
Exploits0References67
CVE
CVE
added 2008/01/18 10:0 p.m.100 views

CVE-2007-6428

CVE-2007-6428: In the X.Org Xserver TOG-CUP extension, ProcGetReservedColormapEntries allows a context-dependent attacker to read arbitrary memory via a 32-bit value used as an array index (vulnerable in X.Org Xserver before 1.4.1). Impact: partial information disclosure. Concrete details appear ...

5CVSS9.1AI score0.01735EPSS
Exploits0References64Affected Software2
CVE
CVE
added 2008/01/18 10:0 p.m.122 views

CVE-2007-6429

CVE-2007-6429 is a vulnerability in the X.Org Xserver (pre-1.4.1) involving integer overflows in the EVI and MIT-SHM extensions that could lead to arbitrary code execution. The initial description indicates memory allocation based on a 32-bit value in GetVisualInfo and shared-memory management de...

9.3CVSS9.7AI score0.02495EPSS
Exploits1References69Affected Software3
CVE
CVE
added 2008/01/18 10:0 p.m.123 views

CVE-2007-5760

CVE-2007-5760 involves an array index error in the XFree86-Misc extension of X.Org Xserver prior to 1.4.1. The underlying flaw is an invalid array index in a PassMessage request, which context-dependent attackers could exploit to execute arbitrary code. Affected software is X.Org Xserver (XFree86...

9.3CVSS7AI score0.03286EPSS
Exploits0References50Affected Software2
RedHat Linux
RedHat Linux
added 2008/01/18 9:42 a.m.3 views

Xorg / XFree86 file existence disclosure vulnerability

X.Org Xserver before 1.4.1 allows local users to determine the existence of arbitrary files via a filename argument in the -sp option to the X program, which produces different error messages depending on whether the filename exists...

5CVSS5.9AI score0.05332EPSS
Exploits6References4
RedHat Linux
RedHat Linux
added 2008/01/18 9:42 a.m.8 views

xfree86: information disclosure via TOG-CUP extension

The ProcGetReservedColormapEntries function in the TOG-CUP extension in X.Org Xserver before 1.4.1 allows context-dependent attackers to read the contents of arbitrary memory locations via a request containing a 32-bit value that is improperly used as an array index...

5CVSS7.4AI score0.01735EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2008/01/17 8:21 p.m.8 views

xfree86: integer overflow in EVI extension

Multiple integer overflows in X.Org Xserver before 1.4.1 allow context-dependent attackers to execute arbitrary code via 1 a GetVisualInfo request containing a 32-bit value that is improperly used to calculate an amount of memory for allocation by the EVI extension, or 2 a request containing valu...

9.3CVSS7.7AI score0.02495EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2008/01/17 8:0 p.m.4 views

Xorg / XFree86 PCF font parser buffer overflow

Buffer overflow in 1 X.Org Xserver before 1.4.1, and 2 the libfont and libXfont libraries on some platforms including Sun Solaris, allows context-dependent attackers to execute arbitrary code via a PCF font with a large difference between the last col and first col values in the PCFBDFENCODINGS...

7.5CVSS7.8AI score0.05108EPSS
Exploits0References4
Rows per page
Query Builder