RSS   Vulnerabilities for 'Xserver'   RSS

2008-01-18
 
CVE-2008-0006

CWE-119
 

 
Buffer overflow in (1) X.Org Xserver before 1.4.1, and (2) the libfont and libXfont libraries on some platforms including Sun Solaris, allows context-dependent attackers to execute arbitrary code via a PCF font with a large difference between the last col and first col values in the PCF_BDF_ENCODINGS table.

 
 
CVE-2007-6429

CWE-362
 

 
Multiple integer overflows in X.Org Xserver before 1.4.1 allow context-dependent attackers to execute arbitrary code via (1) a GetVisualInfo request containing a 32-bit value that is improperly used to calculate an amount of memory for allocation by the EVI extension, or (2) a request containing values related to pixmap size that are improperly used in management of shared memory by the MIT-SHM extension.

 
 
CVE-2007-6428

CWE-Other
 

 
The ProcGetReservedColormapEntries function in the TOG-CUP extension in X.Org Xserver before 1.4.1 allows context-dependent attackers to read the contents of arbitrary memory locations via a request containing a 32-bit value that is improperly used as an array index.

 
 
CVE-2007-6427

CWE-399
 

 
The XInput extension in X.Org Xserver before 1.4.1 allows context-dependent attackers to execute arbitrary code via requests related to byte swapping and heap corruption within multiple functions, a different vulnerability than CVE-2007-4990.

 
 
CVE-2007-5958

CWE-200
 

 
X.Org Xserver before 1.4.1 allows local users to determine the existence of arbitrary files via a filename argument in the -sp option to the X program, which produces different error messages depending on whether the filename exists.

 
 
CVE-2007-5760

CWE-Other
 

 
Array index error in the XFree86-Misc extension in X.Org Xserver before 1.4.1 allows context-dependent attackers to execute arbitrary code via a PassMessage request containing a large array index.

 
2007-05-02
 
CVE-2007-2437

 

 
The X render (Xrender) extension in X.org X Window System 7.0, 7.1, and 7.2, with Xserver 1.3.0 and earlier, allows remote authenticated users to cause a denial of service (daemon crash) via crafted values to the (1) XRenderCompositeTrapezoids and (2) XRenderAddTraps functions, which trigger a divide-by-zero error.

 

 >>> Vendor: X.org 32 Products
X11
Xterm
X11r6
X.org
X11r7
Emu-linux-x87-xlibs
XDM
Xf86dga
Xinit
Xload
Xorg-server
Libx11
Libxfont
X window system
Xserver
X font server
Xinput
Tog-cup
EVI
Mit-shm
Libxinerama
Libxrender
Libxv
X.org-server
X.xorg-server
Xfree86
X.org x11
Libxfixes
Libxi
Libxrandr
Libxtst
Libxvmc


Copyright 2019, cxsecurity.com

 

Back to Top