Lucene search
K

3347 matches found

CERT
CERT
added 2006/10/25 12:0 a.m.31 views

X.Org fails to check for setuid failure on Linux systems

Overview Programs distributed as part of the X.Org software distribution fail to properly handle test results for effective user ID. This vulnerability may lead to privilege escalation. Description Linux, like most Unix systems, provides a system call, setuid, to set the effective user ID of a...

7.2CVSS7.3AI score0.00434EPSS
Exploits0References8
UbuntuCve
UbuntuCve
added 2006/10/10 4:6 a.m.21 views

CVE-2006-5214

Race condition in the Xsession script, as used by X Display Manager xdm in NetBSD before 20060212, X.Org before 20060225, and Solaris 8 through 10 before 20061006, causes a user's Xsession errors file to have weak permissions before a chmod is performed, which allows local users to read Xsession...

1.2CVSS5.9AI score0.00351EPSS
Exploits0References2
NVD
NVD
added 2006/10/10 4:6 a.m.31 views

CVE-2006-5215

The Xsession script, as used by X Display Manager xdm in NetBSD before 20060212, X.Org before 20060317, and Solaris 8 through 10 before 20061006, allows local users to overwrite arbitrary files, or read another user's Xsession errors file, via a symlink attack on a /tmp/xses-$USER file...

2.6CVSS6.1AI score0.00304EPSS
Exploits0References8
OSV
OSV
added 2006/10/10 4:6 a.m.5 views

CVE-2006-5215

The Xsession script, as used by X Display Manager xdm in NetBSD before 20060212, X.Org before 20060317, and Solaris 8 through 10 before 20061006, allows local users to overwrite arbitrary files, or read another user's Xsession errors file, via a symlink attack on a /tmp/xses-$USER file...

6.1AI score
Exploits0References8
Cvelist
Cvelist
added 2006/10/09 9:0 p.m.31 views

CVE-2006-5214

Race condition in the Xsession script, as used by X Display Manager xdm in NetBSD before 20060212, X.Org before 20060225, and Solaris 8 through 10 before 20061006, causes a user's Xsession errors file to have weak permissions before a chmod is performed, which allows local users to read Xsession...

5.8AI score0.00351EPSS
Exploits0References13
CVE
CVE
added 2006/10/09 9:0 p.m.58 views

CVE-2006-5214

CVE-2006-5214 describes a race condition in the Xsession handling of X Display Manager environments affecting NetBSD, X.Org, and Solaris releases as listed; the root cause is a window between creating the user’s Xsession errors file and applying the chmod, which can let local users read other use...

1.2CVSS5.8AI score0.00351EPSS
Exploits0References13Affected Software3
Slackware Linux
Slackware Linux
added 2006/09/17 5:14 a.m.34 views

[slackware-security] x11

New x11 X.Org packages are available for Slackware 10.2, and -current to fix security issues due to overflows in font parsing. More details about this issue may be found in the Common Vulnerabilities and Exposures CVE database: https://vulners.com/cve/CVE-2006-3739...

7.2CVSS6.7AI score0.00576EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2006/09/15 12:0 a.m.35 views

GLSA-200609-07 : LibXfont, monolithic X.org: Multiple integer overflows

The remote host is affected by the vulnerability described in GLSA-200609-07 LibXfont, monolithic X.org: Multiple integer overflows Several integer overflows have been found in the CID font parser. Impact : A remote attacker could exploit this vulnerability by enticing a user to load a malicious...

7.2CVSS5.7AI score0.00576EPSS
Exploits0References3
Ubuntu
Ubuntu
added 2006/09/13 4:46 a.m.63 views

USN-344-1: X.org vulnerabilities

iDefense security researchers found several integer overflows in X.org's font handling library. By using a specially crafted Type1 CID font file, a local user could exploit these to crash the X server or execute arbitrary code with root privileges...

7.2CVSS5.6AI score0.00576EPSS
Exploits0
NVD
NVD
added 2006/09/13 1:7 a.m.20 views

CVE-2006-3740

Integer overflow in the scancidfont function in X.Org 6.8.2 and XFree86 X server allows local users to execute arbitrary code via crafted 1 CMap and 2 CIDFont font data with modified item counts in the a begincodespacerange, b cidrange, and c notdefrange sections...

7.2CVSS7.1AI score0.00503EPSS
Exploits0References39
OSV
OSV
added 2006/09/13 1:7 a.m.8 views

CVE-2006-3740

Integer overflow in the scancidfont function in X.Org 6.8.2 and XFree86 X server allows local users to execute arbitrary code via crafted 1 CMap and 2 CIDFont font data with modified item counts in the a begincodespacerange, b cidrange, and c notdefrange sections...

7.2AI score
Exploits0References42
NVD
NVD
added 2006/09/13 1:7 a.m.19 views

CVE-2006-3739

Integer overflow in the CIDAFM function in X.Org 6.8.2 and XFree86 X server allows local users to execute arbitrary code via crafted Adobe Font Metrics AFM files with a modified number of character metrics StartCharMetrics, which leads to a heap-based buffer overflow...

7.2CVSS7.2AI score0.00576EPSS
Exploits0References39
UbuntuCve
UbuntuCve
added 2006/09/13 1:7 a.m.33 views

CVE-2006-3739

Integer overflow in the CIDAFM function in X.Org 6.8.2 and XFree86 X server allows local users to execute arbitrary code via crafted Adobe Font Metrics AFM files with a modified number of character metrics StartCharMetrics, which leads to a heap-based buffer overflow...

7.2CVSS6.5AI score0.00576EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2006/09/13 1:7 a.m.28 views

CVE-2006-3740

Integer overflow in the scancidfont function in X.Org 6.8.2 and XFree86 X server allows local users to execute arbitrary code via crafted 1 CMap and 2 CIDFont font data with modified item counts in the a begincodespacerange, b cidrange, and c notdefrange sections...

7.2CVSS6.3AI score0.00503EPSS
Exploits0References2
OSV
OSV
added 2006/09/13 1:7 a.m.1 views

DEBIAN-CVE-2006-3740

Integer overflow in the scancidfont function in X.Org 6.8.2 and XFree86 X server allows local users to execute arbitrary code via crafted 1 CMap and 2 CIDFont font data with modified item counts in the a begincodespacerange, b cidrange, and c notdefrange sections...

7.2CVSS7.5AI score0.00503EPSS
Exploits0References1
OSV
OSV
added 2006/09/13 1:7 a.m.13 views

CVE-2006-3739

Integer overflow in the CIDAFM function in X.Org 6.8.2 and XFree86 X server allows local users to execute arbitrary code via crafted Adobe Font Metrics AFM files with a modified number of character metrics StartCharMetrics, which leads to a heap-based buffer overflow...

7.3AI score
Exploits0References42
Cvelist
Cvelist
added 2006/09/13 1:0 a.m.24 views

CVE-2006-3740

Integer overflow in the scancidfont function in X.Org 6.8.2 and XFree86 X server allows local users to execute arbitrary code via crafted 1 CMap and 2 CIDFont font data with modified item counts in the a begincodespacerange, b cidrange, and c notdefrange sections...

7.1AI score0.00503EPSS
Exploits0References39
CVE
CVE
added 2006/09/13 1:0 a.m.94 views

CVE-2006-3740

The CVE-2006-3740 entry concerns an integer overflow in X.Org 6.8.2’s scan_cidfont handling and the XFree86 X server, triggered by crafted CMap/CIDFont font data with manipulated item counts in begincodespacerange, cidrange, or notdefrange sections. Impact is local code execution or denial of ser...

7.2CVSS7.1AI score0.00503EPSS
Exploits0References39Affected Software2
Cvelist
Cvelist
added 2006/09/13 1:0 a.m.25 views

CVE-2006-3739

Integer overflow in the CIDAFM function in X.Org 6.8.2 and XFree86 X server allows local users to execute arbitrary code via crafted Adobe Font Metrics AFM files with a modified number of character metrics StartCharMetrics, which leads to a heap-based buffer overflow...

7.1AI score0.00576EPSS
Exploits0References39
CVE
CVE
added 2006/09/13 1:0 a.m.83 views

CVE-2006-3739

CVE-2006-3739 is associated with the X11 server (X.Org/XFree86) vulnerability described as a heap-based overflow triggered by crafted Adobe Font Metrics files. Connected advisories reference Solaris 10 patches for Xsun (X11 6.6.2) with CVE-2006-3739 included in the patch sets (e.g., 119060-64 on ...

7.2CVSS7.1AI score0.00576EPSS
Exploits0References39Affected Software2
Rows per page
Query Builder