73 matches found
CVE-2008-0006
Buffer overflow in 1 X.Org Xserver before 1.4.1, and 2 the libfont and libXfont libraries on some platforms including Sun Solaris, allows context-dependent attackers to execute arbitrary code via a PCF font with a large difference between the last col and first col values in the PCFBDFENCODINGS...
CVE-2008-0006
CVE-2008-0006 is a buffer overflow in the X.Org X server and its PCF font handling (libXfont/libfont). The flaw occurs when processing PCF_BDF_ENCODINGS where lastCol-firstCol > 255, enabling a context-dependent attacker to potentially execute arbitrary code or crash the X server. Public advis...
CVE-2008-0006
Buffer overflow in 1 X.Org Xserver before 1.4.1, and 2 the libfont and libXfont libraries on some platforms including Sun Solaris, allows context-dependent attackers to execute arbitrary code via a PCF font with a large difference between the last col and first col values in the PCFBDFENCODINGS...
CVE-2007-6429
Multiple integer overflows in X.Org Xserver before 1.4.1 allow context-dependent attackers to execute arbitrary code via 1 a GetVisualInfo request containing a 32-bit value that is improperly used to calculate an amount of memory for allocation by the EVI extension, or 2 a request containing valu...
CVE-2007-5760
Array index error in the XFree86-Misc extension in X.Org Xserver before 1.4.1 allows context-dependent attackers to execute arbitrary code via a PassMessage request containing a large array index...
CVE-2007-6427
The XInput extension in X.Org Xserver before 1.4.1 allows context-dependent attackers to execute arbitrary code via requests related to byte swapping and heap corruption within multiple functions, a different vulnerability than CVE-2007-4990...
CVE-2007-6428
CVE-2007-6428: In the X.Org Xserver TOG-CUP extension, ProcGetReservedColormapEntries allows a context-dependent attacker to read arbitrary memory via a 32-bit value used as an array index (vulnerable in X.Org Xserver before 1.4.1). Impact: partial information disclosure. Concrete details appear ...
CVE-2007-6429
CVE-2007-6429 is a vulnerability in the X.Org Xserver (pre-1.4.1) involving integer overflows in the EVI and MIT-SHM extensions that could lead to arbitrary code execution. The initial description indicates memory allocation based on a 32-bit value in GetVisualInfo and shared-memory management de...
CVE-2007-5760
CVE-2007-5760 involves an array index error in the XFree86-Misc extension of X.Org Xserver prior to 1.4.1. The underlying flaw is an invalid array index in a PassMessage request, which context-dependent attackers could exploit to execute arbitrary code. Affected software is X.Org Xserver (XFree86...
Xorg / XFree86 file existence disclosure vulnerability
X.Org Xserver before 1.4.1 allows local users to determine the existence of arbitrary files via a filename argument in the -sp option to the X program, which produces different error messages depending on whether the filename exists...
xfree86: information disclosure via TOG-CUP extension
The ProcGetReservedColormapEntries function in the TOG-CUP extension in X.Org Xserver before 1.4.1 allows context-dependent attackers to read the contents of arbitrary memory locations via a request containing a 32-bit value that is improperly used as an array index...
xfree86: integer overflow in EVI extension
Multiple integer overflows in X.Org Xserver before 1.4.1 allow context-dependent attackers to execute arbitrary code via 1 a GetVisualInfo request containing a 32-bit value that is improperly used to calculate an amount of memory for allocation by the EVI extension, or 2 a request containing valu...
Xorg / XFree86 PCF font parser buffer overflow
Buffer overflow in 1 X.Org Xserver before 1.4.1, and 2 the libfont and libXfont libraries on some platforms including Sun Solaris, allows context-dependent attackers to execute arbitrary code via a PCF font with a large difference between the last col and first col values in the PCFBDFENCODINGS...