Filtered by vendor Xfree86 Project
Subscriptions
Total
39 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2003-0063 | 3 Redhat, Xfree86, Xfree86 Project | 4 Enterprise Linux, Linux, Xfree86 and 1 more | 2024-11-21 | 7.3 High |
The xterm terminal emulator in XFree86 4.2.0 and earlier allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary commands. | ||||
CVE-2002-1510 | 2 Redhat, Xfree86 Project | 3 Enterprise Linux, Linux, X11r6 | 2024-11-21 | N/A |
xdm, with the authComplain variable set to false, allows arbitrary attackers to connect to the X server if the xdm auth directory does not exist. | ||||
CVE-2002-1472 | 2 Redhat, Xfree86 Project | 2 Linux, X11r6 | 2024-11-21 | N/A |
Untrusted search path vulnerability in libX11.so in xfree86, when used in setuid or setgid programs, allows local users to gain root privileges via a modified LD_PRELOAD environment variable that points to a malicious module. | ||||
CVE-2002-1317 | 4 Hp, Sgi, Sun and 1 more | 5 Hp-ux, Irix, Solaris and 2 more | 2024-11-21 | N/A |
Buffer overflow in Dispatch() routine for XFS font server (fs.auto) on Solaris 2.5.1 through 9 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a certain XFS query. | ||||
CVE-2001-1409 | 2 Redhat, Xfree86 Project | 3 Enterprise Linux, Linux, Xfree86 X Server | 2024-11-21 | N/A |
dexconf in XFree86 Xserver 4.1.0-2 creates the /dev/dri directory with insecure permissions (666), which allows local users to replace or create files in the root file system. | ||||
CVE-2001-1179 | 1 Xfree86 Project | 1 X11r6 | 2024-11-21 | N/A |
xman allows local users to gain privileges by modifying the MANPATH to point to a man page whose filename contains shell metacharacters. | ||||
CVE-2001-1178 | 1 Xfree86 Project | 1 X11r6 | 2024-11-21 | N/A |
Buffer overflow in xman allows local users to gain privileges via a long MANPATH environment variable. | ||||
CVE-2001-1086 | 1 Xfree86 Project | 1 X11r6 | 2024-11-21 | N/A |
XDM in XFree86 3.3 and 3.3.3 generates easily guessable cookies using gettimeofday() when compiled with the HasXdmXauth option, which allows remote attackers to gain unauthorized access to the X display via a brute force attack. | ||||
CVE-2001-0955 | 1 Xfree86 Project | 1 X11r6 | 2024-11-21 | N/A |
Buffer overflow in fbglyph.c in XFree86 before 4.2.0, related to glyph clipping for large origins, allows attackers to cause a denial of service and possibly gain privileges via a large number of characters, possibly through the web page search form of KDE Konqueror or from an xterm command with a long title. | ||||
CVE-2000-1060 | 1 Xfree86 Project | 1 Xfce | 2024-11-21 | N/A |
The default configuration of XFCE 3.5.1 bypasses the Xauthority access control mechanism with an "xhost + localhost" command in the xinitrc program, which allows local users to sniff X Windows traffic and gain privileges. | ||||
CVE-2000-0976 | 1 Xfree86 Project | 1 Xlib | 2024-11-21 | N/A |
Buffer overflow in xlib in XFree 3.3.x possibly allows local users to execute arbitrary commands via a long DISPLAY environment variable or a -display command line parameter. | ||||
CVE-2000-0620 | 2 Open Group, Xfree86 Project | 2 X, X11r6 | 2024-11-21 | N/A |
libX11 X library allows remote attackers to cause a denial of service via a resource mask of 0, which causes libX11 to go into an infinite loop. | ||||
CVE-2000-0504 | 3 Gnome, Open Group, Xfree86 Project | 3 Gdm, X, X11r6 | 2024-11-21 | N/A |
libICE in XFree86 allows remote attackers to cause a denial of service by specifying a large value which is not properly checked by the SKIP_STRING macro. | ||||
CVE-2000-0476 | 4 Michael Jennings, Putty, Rxvt and 1 more | 4 Eterm, Putty, Rxvt and 1 more | 2024-11-21 | N/A |
xterm, Eterm, and rxvt allow an attacker to cause a denial of service by embedding certain escape characters which force the window to be resized. | ||||
CVE-2000-0453 | 1 Xfree86 Project | 1 X11r6 | 2024-11-21 | N/A |
XFree86 3.3.x and 4.0 allows a user to cause a denial of service via a negative counter value in a malformed TCP packet that is sent to port 6000. | ||||
CVE-2000-0285 | 1 Xfree86 Project | 1 X11r6 | 2024-11-21 | N/A |
Buffer overflow in XFree86 3.3.x allows local users to execute arbitrary commands via a long -xkbmap parameter. | ||||
CVE-1999-0433 | 5 Netbsd, Redhat, Slackware and 2 more | 5 Netbsd, Linux, Slackware Linux and 2 more | 2024-11-21 | N/A |
XFree86 startx command is vulnerable to a symlink attack, allowing local users to create files in restricted directories, possibly allowing them to gain privileges or cause a denial of service. | ||||
CVE-1999-0241 | 3 Sgi, Sun, Xfree86 Project | 4 Irix, Solaris, Sunos and 1 more | 2024-11-21 | N/A |
Guessable magic cookies in X Windows allows remote attackers to execute commands, e.g. through xterm. | ||||
CVE-1999-0126 | 1 Xfree86 Project | 1 Xfree86 | 2024-11-21 | N/A |
SGI IRIX buffer overflow in xterm and Xaw allows root access. |