5 matches found
CVE-2011-0465
CVE-2011-0465 affects xrdb.c in xrdb before 1.0.9 used with X.Org X11R7.6 and earlier. The vulnerability allows remote attackers to execute arbitrary commands by injecting shell metacharacters into a hostname received via DHCP or XDMCP. Multiple advisories reference upgrading xrdb to 1.0.9 or app...
CVE-2008-2360
CVE-2008-2360 involves an integer overflow in the AllocateGlyph() function of the X.org Render extension (X.Org X11R7.3, X server 1.4). The overflow can lead to a heap-based buffer overflow, allowing context-dependent attackers to execute arbitrary code or cause a crash if the server runs with su...
CVE-2008-1377
CVE-2008-1377 details (X.Org X11R7.3, X server 1.4): The Record extension (SProcRecordCreateContext, SProcRecordRegisterClients) and Security extension (SProcSecurityGenerateAuthorization) allow context-dependent attackers to trigger heap corruption via crafted requests with unusual length values...
CVE-2008-1379
CVE-2008-1379 describes an integer overflow in the MIT-SHM extension (fbShmPutImage) of the X.Org X11R7.3 X server version 1.4. This overflow can allow context-dependent attackers to read arbitrary process memory by crafting Pixmap width/height values. The corroborating connected advisories note ...
CVE-2008-2362
CVE-2008-2362 describes multiple integer overflows in the X.Org X server Render extension (X.Org X11R7.3) that can enable heap memory corruption via invalid fields in SProcRenderCreateLinearGradient, SProcRenderCreateRadialGradient, or SProcRenderCreateConicalGradient requests. The vulnerability ...