CVSS: 9.8EPSS: 9%CPEs: 31EXPL: 0CVE-2011-0465 – xorg: xrdb code execution via crafted X client hostname
https://notcve.org/view.php?id=CVE-2011-0465
08 Apr 2011 — xrdb.c in xrdb before 1.0.9 in X.Org X11R7.6 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in a hostname obtained from a (1) DHCP or (2) XDMCP message. xrdb.c en xrdb anterior a v1.0.9 en X.Org X11R7.6 y anteriores permite a atacantes remotos ejecutar comandos arbitrarios mediante metacaracteres en un hostname obtenido de un mensaje (1) DHCP o (2) XDMCP. This GLSA contains notification of vulnerabilities found in several Gentoo packages which have been fixed prio... • http://cgit.freedesktop.org/xorg/app/xrdb/commit/?id=1027d5df07398c1507fb1fe3a9981aa6b4bc3a56 • CWE-20: Improper Input Validation •
CVSS: 9.8EPSS: 2%CPEs: 1EXPL: 0CVE-2008-1377 – X.org Record and Security extensions memory corruption
https://notcve.org/view.php?id=CVE-2008-1377
16 Jun 2008 — The (1) SProcRecordCreateContext and (2) SProcRecordRegisterClients functions in the Record extension and the (3) SProcSecurityGenerateAuthorization function in the Security extension in the X server 1.4 in X.Org X11R7.3 allow context-dependent attackers to execute arbitrary code via requests with crafted length values that specify an arbitrary number of bytes to be swapped on the heap, which triggers heap corruption. Las funciones (1) SProcRecordCreateContext y (2) SProcRecordRegisterClients en la extensió... • ftp://ftp.freedesktop.org/pub/xorg/X11R7.3/patches/xorg-xserver-1.4-cve-2008-1377.diff • CWE-189: Numeric Errors •
CVSS: 9.1EPSS: 1%CPEs: 1EXPL: 0CVE-2008-1379 – X.org MIT-SHM extension arbitrary memory read
https://notcve.org/view.php?id=CVE-2008-1379
16 Jun 2008 — Integer overflow in the fbShmPutImage function in the MIT-SHM extension in the X server 1.4 in X.Org X11R7.3 allows context-dependent attackers to read arbitrary process memory via crafted values for a Pixmap width and height. Desbordamiento de entero en la función fbShmPutImage de la extensión MIT-SHM en el X server 1.4 de X.Org X11R7.3, permite a atacantes dependientes del contexto leer la memoria de procesos de su elección mediante valores manipulados para el alto y ancho de un Pixmap. • ftp://ftp.freedesktop.org/pub/xorg/X11R7.3/patches/xorg-xserver-1.4-cve-2008-1379.diff • CWE-189: Numeric Errors •
CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 0CVE-2008-2360 – X.org Render extension AllocateGlyph() heap buffer overflow
https://notcve.org/view.php?id=CVE-2008-2360
16 Jun 2008 — Integer overflow in the AllocateGlyph function in the Render extension in the X server 1.4 in X.Org X11R7.3 allows context-dependent attackers to execute arbitrary code via unspecified request fields that are used to calculate a heap buffer size, which triggers a heap-based buffer overflow. Desboramiento de entero en la función AllocateGlyph de la extensión Render del servidor X-window 1.4 en X.org X11R7.3 permite a atacantes, dependiendo del contexto, ejecutar código arbitrario a través de campos de solici... • ftp://ftp.freedesktop.org/pub/xorg/X11R7.3/patches/xorg-xserver-1.4-cve-2008-2360.diff • CWE-122: Heap-based Buffer Overflow CWE-189: Numeric Errors •
CVSS: 10.0EPSS: 2%CPEs: 1EXPL: 0CVE-2008-2362 – X.org Render extension input validation flaw causing memory corruption
https://notcve.org/view.php?id=CVE-2008-2362
16 Jun 2008 — Multiple integer overflows in the Render extension in the X server 1.4 in X.Org X11R7.3 allow context-dependent attackers to execute arbitrary code via a (1) SProcRenderCreateLinearGradient, (2) SProcRenderCreateRadialGradient, or (3) SProcRenderCreateConicalGradient request with an invalid field specifying the number of bytes to swap in the request data, which triggers heap memory corruption. Múltiples desbordamientos de entero en la extensión Render en el servidor X 1.4 de X.Org X11R7.3 permite a atacante... • ftp://ftp.freedesktop.org/pub/xorg/X11R7.3/patches/xorg-xserver-1.4-cve-2008-2362.diff • CWE-20: Improper Input Validation CWE-189: Numeric Errors •