Filtered by vendor X Subscriptions
Total 52 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2013-1940 3 Canonical, Redhat, X 3 Ubuntu Linux, Enterprise Linux, X.org-xserver 2024-11-21 N/A
X.Org X server before 1.13.4 and 1.4.x before 1.14.1 does not properly restrict access to input events when adding a new hot-plug device, which might allow physically proximate attackers to obtain sensitive information, as demonstrated by reading passwords from a tty.
CVE-2012-1699 2 X, Xfree86 2 X.org X11, Xfree86 2024-11-21 N/A
The ProcSetEventMask function in difs/events.c in the xfs font server for X.Org X11R6 through X11R6.6 and XFree86 before 3.3.3 calls the SendErrToClient function with a mask value instead of a pointer, which allows local users to cause a denial of service (memory corruption and crash) or obtain potentially sensitive information from memory via a SetEventMask request that triggers an invalid pointer dereference.
CVE-2012-0064 2 X, Xkeyboard Config Project 2 X.org X11, Xkeyboard-config 2024-11-21 N/A
xkeyboard-config before 2.5 in X.Org before 7.6 enables certain XKB debugging functions by default, which allows physically proximate attackers to bypass an X screen lock via keyboard combinations that break the input grab.
CVE-2011-2895 6 Freebsd, Freetype, Netbsd and 3 more 7 Freebsd, Freetype, Netbsd and 4 more 2024-11-21 N/A
The LZW decompressor in (1) the BufCompressedFill function in fontfile/decompress.c in X.Org libXfont before 1.4.4 and (2) compress/compress.c in 4.3BSD, as used in zopen.c in OpenBSD before 3.8, FreeBSD, NetBSD 4.0.x and 5.0.x before 5.0.3 and 5.1.x before 5.1.1, FreeType 2.1.9, and other products, does not properly handle code words that are absent from the decompression table when encountered, which allows context-dependent attackers to trigger an infinite loop or a heap-based buffer overflow, and possibly execute arbitrary code, via a crafted compressed stream, a related issue to CVE-2006-1168 and CVE-2011-2896.
CVE-2011-0465 3 Matthias Hopf, Redhat, X 3 Xrdb, Enterprise Linux, X11 2024-11-21 N/A
xrdb.c in xrdb before 1.0.9 in X.Org X11R7.6 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in a hostname obtained from a (1) DHCP or (2) XDMCP message.
CVE-2010-4819 2 Redhat, X 2 Enterprise Linux, X.org-xserver 2024-11-21 N/A
The ProcRenderAddGlyphs function in the Render extension (render/render.c) in X.Org xserver 1.7.7 and earlier allows local users to read arbitrary memory and possibly cause a denial of service (server crash) via unspecified vectors related to an "input sanitization flaw."
CVE-2010-1166 2 Redhat, X 2 Enterprise Linux, X.org 2024-11-21 N/A
The fbComposite function in fbpict.c in the Render extension in the X server in X.Org X11R7.1 allows remote authenticated users to cause a denial of service (memory corruption and daemon crash) or possibly execute arbitrary code via a crafted request, related to an incorrect macro definition.
CVE-2008-2362 2 Redhat, X 2 Enterprise Linux, X11 2024-11-21 N/A
Multiple integer overflows in the Render extension in the X server 1.4 in X.Org X11R7.3 allow context-dependent attackers to execute arbitrary code via a (1) SProcRenderCreateLinearGradient, (2) SProcRenderCreateRadialGradient, or (3) SProcRenderCreateConicalGradient request with an invalid field specifying the number of bytes to swap in the request data, which triggers heap memory corruption.
CVE-2008-2360 2 Redhat, X 2 Enterprise Linux, X11 2024-11-21 N/A
Integer overflow in the AllocateGlyph function in the Render extension in the X server 1.4 in X.Org X11R7.3 allows context-dependent attackers to execute arbitrary code via unspecified request fields that are used to calculate a heap buffer size, which triggers a heap-based buffer overflow.
CVE-2008-1379 2 Redhat, X 2 Enterprise Linux, X11 2024-11-21 N/A
Integer overflow in the fbShmPutImage function in the MIT-SHM extension in the X server 1.4 in X.Org X11R7.3 allows context-dependent attackers to read arbitrary process memory via crafted values for a Pixmap width and height.
CVE-2008-1377 2 Redhat, X 2 Enterprise Linux, X11 2024-11-21 N/A
The (1) SProcRecordCreateContext and (2) SProcRecordRegisterClients functions in the Record extension and the (3) SProcSecurityGenerateAuthorization function in the Security extension in the X server 1.4 in X.Org X11R7.3 allow context-dependent attackers to execute arbitrary code via requests with crafted length values that specify an arbitrary number of bytes to be swapped on the heap, which triggers heap corruption.
CVE-2007-5199 1 X 1 Libxfont 2024-11-21 9.8 Critical
A single byte overflow in catalogue.c in X.Org libXfont 1.3.1 allows remote attackers to have unspecified impact.