Filtered by vendor X.org
Subscriptions
Filtered by product Xserver
Subscriptions
Total
6 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2008-0006 | 3 Redhat, Sun, X.org | 4 Enterprise Linux, Solaris Libfont, Solaris Libxfont and 1 more | 2024-11-21 | N/A |
Buffer overflow in (1) X.Org Xserver before 1.4.1, and (2) the libfont and libXfont libraries on some platforms including Sun Solaris, allows context-dependent attackers to execute arbitrary code via a PCF font with a large difference between the last col and first col values in the PCF_BDF_ENCODINGS table. | ||||
CVE-2007-6429 | 2 Redhat, X.org | 4 Enterprise Linux, Evi, Mit-shm and 1 more | 2024-11-21 | N/A |
Multiple integer overflows in X.Org Xserver before 1.4.1 allow context-dependent attackers to execute arbitrary code via (1) a GetVisualInfo request containing a 32-bit value that is improperly used to calculate an amount of memory for allocation by the EVI extension, or (2) a request containing values related to pixmap size that are improperly used in management of shared memory by the MIT-SHM extension. | ||||
CVE-2007-6428 | 2 Redhat, X.org | 3 Enterprise Linux, Tog-cup, Xserver | 2024-11-21 | N/A |
The ProcGetReservedColormapEntries function in the TOG-CUP extension in X.Org Xserver before 1.4.1 allows context-dependent attackers to read the contents of arbitrary memory locations via a request containing a 32-bit value that is improperly used as an array index. | ||||
CVE-2007-5958 | 2 Redhat, X.org | 2 Enterprise Linux, Xserver | 2024-11-21 | N/A |
X.Org Xserver before 1.4.1 allows local users to determine the existence of arbitrary files via a filename argument in the -sp option to the X program, which produces different error messages depending on whether the filename exists. | ||||
CVE-2007-5760 | 3 Redhat, X.org, Xfree86 Project | 3 Enterprise Linux, Xserver, Xfree86-misc | 2024-11-21 | N/A |
Array index error in the XFree86-Misc extension in X.Org Xserver before 1.4.1 allows context-dependent attackers to execute arbitrary code via a PassMessage request containing a large array index. | ||||
CVE-2007-2437 | 1 X.org | 2 X Window System, Xserver | 2024-11-21 | N/A |
The X render (Xrender) extension in X.org X Window System 7.0, 7.1, and 7.2, with Xserver 1.3.0 and earlier, allows remote authenticated users to cause a denial of service (daemon crash) via crafted values to the (1) XRenderCompositeTrapezoids and (2) XRenderAddTraps functions, which trigger a divide-by-zero error. |
Page 1 of 1.