Lucene search
K

3347 matches found

Debian CVE
Debian CVE
added 2006/09/13 1:0 a.m.35 views

CVE-2006-3740

Integer overflow in the scancidfont function in X.Org 6.8.2 and XFree86 X server allows local users to execute arbitrary code via crafted 1 CMap and 2 CIDFont font data with modified item counts in the a begincodespacerange, b cidrange, and c notdefrange sections...

7.2CVSS7.3AI score0.00503EPSS
Exploits0
securityvulns
securityvulns
added 2006/09/13 12:0 a.m.64 views

iDefense Security Advisory 09.12.06: Multiple Vendor X Server CID-keyed Fonts 'scan_cidfont()' Integer Overflow Vulnerability

Multiple Vendor X Server CID-keyed Fonts 'scancidfont' Integer Overflow Vulnerability iDefense Security Advisory 09.12.06 http://www.idefense.com/intelligence/vulnerabilities/ Sep 12, 2006 I. BACKGROUND The X Window System is a graphical windowing system based on a client/server model. More...

7.2CVSS0.7AI score0.00503EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2006/09/13 12:0 a.m.36 views

LibXfont, monolithic X.org: Multiple integer overflows

Background libXfont is the X.Org Xfont library, some parts are based on the FreeType code base. Description Several integer overflows have been found in the CID font parser. Impact A remote attacker could exploit this vulnerability by enticing a user to load a malicious font file resulting in the...

7.2CVSS7.1AI score0.00576EPSS
Exploits0
securityvulns
securityvulns
added 2006/09/13 12:0 a.m.42 views

XFree / X.org integer overflows

Multiple integer overflows on Type One fonts parsing...

4.7AI score
Exploits0References1Affected Software2
Cent OS
Cent OS
added 2006/09/12 7:13 p.m.66 views

xorg security update

CentOS Errata and Security Advisory CESA-2006:0665 Updated X.org packages that fix a security issue are now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. X.org is an open source implementation of the...

7.2CVSS5.9AI score0.00576EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2006/09/12 4:7 p.m.34 views

Important: Red Hat Security Advisory: xorg-x11 security update

Updated X.org packages that fix a security issue are now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. X.org is an open source implementation of the X Window System. It provides the basic low-level...

7.2CVSS5.9AI score0.00576EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2006/09/12 3:51 p.m.6 views

security flaw

Integer overflow in the scancidfont function in X.Org 6.8.2 and XFree86 X server allows local users to execute arbitrary code via crafted 1 CMap and 2 CIDFont font data with modified item counts in the a begincodespacerange, b cidrange, and c notdefrange sections...

7.2CVSS6.2AI score0.00503EPSS
Exploits0References4
Ubuntu
Ubuntu
added 2006/09/07 6:23 a.m.54 views

USN-341-1: libxfont vulnerability

An integer overflow has been discovered in X.org's font handling library. By using a specially crafted font file, this could be exploited to crash the X server or execute arbitrary code with root privileges...

7.5CVSS5.8AI score0.04304EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2006/08/30 1:4 a.m.30 views

CVE-2006-4447

X.Org and XFree86, including libX11, xdm, xf86dga, xinit, xload, xtrans, and xterm, does not check the return values for setuid and seteuid calls when attempting to drop privileges, which might allow local users to gain privileges by causing those calls to fail, such as by exceeding a ulimit...

7.2CVSS5.9AI score0.00434EPSS
Exploits0References1
NVD
NVD
added 2006/08/30 1:4 a.m.23 views

CVE-2006-4447

X.Org and XFree86, including libX11, xdm, xf86dga, xinit, xload, xtrans, and xterm, does not check the return values for setuid and seteuid calls when attempting to drop privileges, which might allow local users to gain privileges by causing those calls to fail, such as by exceeding a ulimit...

7.2CVSS7.6AI score0.00434EPSS
Exploits0References17
OSV
OSV
added 2006/08/30 1:4 a.m.9 views

CVE-2006-4447

X.Org and XFree86, including libX11, xdm, xf86dga, xinit, xload, xtrans, and xterm, does not check the return values for setuid and seteuid calls when attempting to drop privileges, which might allow local users to gain privileges by causing those calls to fail, such as by exceeding a ulimit...

6.4AI score
Exploits0References19
Debian CVE
Debian CVE
added 2006/08/30 1:0 a.m.74 views

CVE-2006-4447

X.Org and XFree86, including libX11, xdm, xf86dga, xinit, xload, xtrans, and xterm, does not check the return values for setuid and seteuid calls when attempting to drop privileges, which might allow local users to gain privileges by causing those calls to fail, such as by exceeding a ulimit...

7.2CVSS6.4AI score0.00434EPSS
Exploits0
Cvelist
Cvelist
added 2006/08/30 1:0 a.m.46 views

CVE-2006-4447

X.Org and XFree86, including libX11, xdm, xf86dga, xinit, xload, xtrans, and xterm, does not check the return values for setuid and seteuid calls when attempting to drop privileges, which might allow local users to gain privileges by causing those calls to fail, such as by exceeding a ulimit...

7.6AI score0.00434EPSS
Exploits0References17
CVE
CVE
added 2006/08/30 1:0 a.m.66 views

CVE-2006-4447

Summary: CVE-2006-4447 affects X.Org and XFree86 components (libX11, xdm, xf86dga, xinit, xload, xtrans, xterm) where setuid/seteuid return values are not checked when dropping privileges. This may enable local privilege escalation if those calls fail (e.g., due to ulimit). What is affected: X.Or...

7.2CVSS7.6AI score0.00434EPSS
Exploits0References17Affected Software9
Tenable Nessus
Tenable Nessus
added 2006/08/30 12:0 a.m.27 views

CentOS 4 : xorg-x11 (CESA-2006:0634)

Updated X.org packages that fix a security issue are now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. X.org is an open source implementation of the X Window System. It provides the basic low-level...

7.5CVSS5.6AI score0.04304EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2006/08/30 12:0 a.m.29 views

GLSA-200608-25 : X.org and some X.org libraries: Local privilege escalations

The remote host is affected by the vulnerability described in GLSA-200608-25 X.org and some X.org libraries: Local privilege escalations Several X.org libraries and X.org itself contain system calls to setuid functions, without checking their result. Impact : Local users could deliberately exceed...

7.2CVSS5.5AI score0.00434EPSS
Exploits0References3
Gentoo Linux
Gentoo Linux
added 2006/08/28 12:0 a.m.40 views

X.org and some X.org libraries: Local privilege escalations

Background X.org is an implementation of the X Window System. Description Several X.org libraries and X.org itself contain system calls to setuid functions, without checking their result. Impact Local users could deliberately exceed their assigned resource limits and elevate their privileges afte...

7.2CVSS6.6AI score0.00434EPSS
Exploits0
Cent OS
Cent OS
added 2006/08/24 12:39 a.m.68 views

xorg security update

CentOS Errata and Security Advisory CESA-2006:0634 Updated X.org packages that fix a security issue are now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. X.org is an open source implementation of the...

7.5CVSS6AI score0.04304EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2006/08/21 11:0 p.m.44 views

Important: Red Hat Security Advisory: xorg-x11 security update

Updated X.org packages that fix a security issue are now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. X.org is an open source implementation of the X Window System. It provides the basic low-level...

7.5CVSS6AI score0.04304EPSS
Exploits0References2
CERT
CERT
added 2006/08/16 12:0 a.m.34 views

X.Org server fails to properly test for effective user ID

Overview A vulnerability in the X.Org server could allow a local attacker to gain administrative privileges or cause a denial of service on an affected system. Description The X.Org server program provides several command-line options that are meant to be parsed only when the program is running a...

7.2CVSS6.9AI score0.01099EPSS
Exploits4References10
Rows per page
Query Builder