3347 matches found
CVE-2006-3740
Integer overflow in the scancidfont function in X.Org 6.8.2 and XFree86 X server allows local users to execute arbitrary code via crafted 1 CMap and 2 CIDFont font data with modified item counts in the a begincodespacerange, b cidrange, and c notdefrange sections...
iDefense Security Advisory 09.12.06: Multiple Vendor X Server CID-keyed Fonts 'scan_cidfont()' Integer Overflow Vulnerability
Multiple Vendor X Server CID-keyed Fonts 'scancidfont' Integer Overflow Vulnerability iDefense Security Advisory 09.12.06 http://www.idefense.com/intelligence/vulnerabilities/ Sep 12, 2006 I. BACKGROUND The X Window System is a graphical windowing system based on a client/server model. More...
LibXfont, monolithic X.org: Multiple integer overflows
Background libXfont is the X.Org Xfont library, some parts are based on the FreeType code base. Description Several integer overflows have been found in the CID font parser. Impact A remote attacker could exploit this vulnerability by enticing a user to load a malicious font file resulting in the...
XFree / X.org integer overflows
Multiple integer overflows on Type One fonts parsing...
xorg security update
CentOS Errata and Security Advisory CESA-2006:0665 Updated X.org packages that fix a security issue are now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. X.org is an open source implementation of the...
Important: Red Hat Security Advisory: xorg-x11 security update
Updated X.org packages that fix a security issue are now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. X.org is an open source implementation of the X Window System. It provides the basic low-level...
security flaw
Integer overflow in the scancidfont function in X.Org 6.8.2 and XFree86 X server allows local users to execute arbitrary code via crafted 1 CMap and 2 CIDFont font data with modified item counts in the a begincodespacerange, b cidrange, and c notdefrange sections...
USN-341-1: libxfont vulnerability
An integer overflow has been discovered in X.org's font handling library. By using a specially crafted font file, this could be exploited to crash the X server or execute arbitrary code with root privileges...
CVE-2006-4447
X.Org and XFree86, including libX11, xdm, xf86dga, xinit, xload, xtrans, and xterm, does not check the return values for setuid and seteuid calls when attempting to drop privileges, which might allow local users to gain privileges by causing those calls to fail, such as by exceeding a ulimit...
CVE-2006-4447
X.Org and XFree86, including libX11, xdm, xf86dga, xinit, xload, xtrans, and xterm, does not check the return values for setuid and seteuid calls when attempting to drop privileges, which might allow local users to gain privileges by causing those calls to fail, such as by exceeding a ulimit...
CVE-2006-4447
X.Org and XFree86, including libX11, xdm, xf86dga, xinit, xload, xtrans, and xterm, does not check the return values for setuid and seteuid calls when attempting to drop privileges, which might allow local users to gain privileges by causing those calls to fail, such as by exceeding a ulimit...
CVE-2006-4447
X.Org and XFree86, including libX11, xdm, xf86dga, xinit, xload, xtrans, and xterm, does not check the return values for setuid and seteuid calls when attempting to drop privileges, which might allow local users to gain privileges by causing those calls to fail, such as by exceeding a ulimit...
CVE-2006-4447
X.Org and XFree86, including libX11, xdm, xf86dga, xinit, xload, xtrans, and xterm, does not check the return values for setuid and seteuid calls when attempting to drop privileges, which might allow local users to gain privileges by causing those calls to fail, such as by exceeding a ulimit...
CVE-2006-4447
Summary: CVE-2006-4447 affects X.Org and XFree86 components (libX11, xdm, xf86dga, xinit, xload, xtrans, xterm) where setuid/seteuid return values are not checked when dropping privileges. This may enable local privilege escalation if those calls fail (e.g., due to ulimit). What is affected: X.Or...
CentOS 4 : xorg-x11 (CESA-2006:0634)
Updated X.org packages that fix a security issue are now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. X.org is an open source implementation of the X Window System. It provides the basic low-level...
GLSA-200608-25 : X.org and some X.org libraries: Local privilege escalations
The remote host is affected by the vulnerability described in GLSA-200608-25 X.org and some X.org libraries: Local privilege escalations Several X.org libraries and X.org itself contain system calls to setuid functions, without checking their result. Impact : Local users could deliberately exceed...
X.org and some X.org libraries: Local privilege escalations
Background X.org is an implementation of the X Window System. Description Several X.org libraries and X.org itself contain system calls to setuid functions, without checking their result. Impact Local users could deliberately exceed their assigned resource limits and elevate their privileges afte...
xorg security update
CentOS Errata and Security Advisory CESA-2006:0634 Updated X.org packages that fix a security issue are now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. X.org is an open source implementation of the...
Important: Red Hat Security Advisory: xorg-x11 security update
Updated X.org packages that fix a security issue are now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. X.org is an open source implementation of the X Window System. It provides the basic low-level...
X.Org server fails to properly test for effective user ID
Overview A vulnerability in the X.Org server could allow a local attacker to gain administrative privileges or cause a denial of service on an affected system. Description The X.Org server program provides several command-line options that are meant to be parsed only when the program is running a...