CVSS: 9.8EPSS: 2%CPEs: 1EXPL: 1CVE-2010-4818 – X.org: multiple GLX input sanitization flaws
https://notcve.org/view.php?id=CVE-2010-4818
05 Sep 2012 — The GLX extension in X.Org xserver 1.7.7 allows remote authenticated users to cause a denial of service (server crash) and possibly execute arbitrary code via (1) a crafted request that triggers a client swap in glx/glxcmdsswap.c; or (2) a crafted length or (3) a negative value in the screen field in a request to glx/glxcmds.c. La extensión GLX en X.Org xserver v1.7.7 permite a usuarios remotos autenticados provocar una denegación de servicio (caída del servidor) y posiblemente ejecutar código arbitrario a ... • http://cgit.freedesktop.org/xorg/xserver/commit?id=3f0d3f4d97bce75c1828635c322b6560a45a037f • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2006-6101
https://notcve.org/view.php?id=CVE-2006-6101
31 Dec 2006 — Integer overflow in the ProcRenderAddGlyphs function in the Render extension for X.Org 6.8.2, 6.9.0, 7.0, and 7.1, and XFree86 X server, allows local users to execute arbitrary code via a crafted X protocol request that triggers memory corruption during processing of glyph management data structures. Desbordamiento de Entero en la función ProcRenderAddGlyphs en la extensión Render para X.Org 6.8.2, 6.9.0, 7.0, y 7.1, y Servidor XFree86 X, permite a atacantes remotos ejecutar código de su elección mediante u... • http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2007-002.txt.asc •
CVSS: 10.0EPSS: 2%CPEs: 5EXPL: 0CVE-2006-6102
https://notcve.org/view.php?id=CVE-2006-6102
31 Dec 2006 — Integer overflow in the ProcDbeGetVisualInfo function in the DBE extension for X.Org 6.8.2, 6.9.0, 7.0, and 7.1, and XFree86 X server, allows local users to execute arbitrary code via a crafted X protocol request that triggers memory corruption during processing of unspecified data structures. Desbordamiento de enteros en la función ProcDbeGetVisualInfo en la extensión DBE para el X.Org 6.8.2, 6.9.0, 7.0 y 7.1, y XFree86 X server, permite a usuarios locales la ejecución de código de su elección a través de ... • http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2007-002.txt.asc •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2006-6103
https://notcve.org/view.php?id=CVE-2006-6103
31 Dec 2006 — Integer overflow in the ProcDbeSwapBuffers function in the DBE extension for X.Org 6.8.2, 6.9.0, 7.0, and 7.1, and XFree86 X server, allows local users to execute arbitrary code via a crafted X protocol request that triggers memory corruption during processing of unspecified data structures. Desbordamiento de Entero en la función ProcDbeSwapBuffers en la extensión DBE para X.Org 6.8.2, 6.9.0, 7.0, y 7.1, y Servidor XFree86 X, permite a atacantes locales ejecutar código de su elección mediante una petición X... • http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2007-002.txt.asc •
CVSS: 8.4EPSS: 0%CPEs: 2EXPL: 0CVE-2006-3739
https://notcve.org/view.php?id=CVE-2006-3739
13 Sep 2006 — Integer overflow in the CIDAFM function in X.Org 6.8.2 and XFree86 X server allows local users to execute arbitrary code via crafted Adobe Font Metrics (AFM) files with a modified number of character metrics (StartCharMetrics), which leads to a heap-based buffer overflow. Desbordamiento de enteros en la función CIDAFM en X.Org 6.8.2 y XFree86 X server permite a un usuario local ejecutar código de su elección a través de archivos Adobe Font Metrics (AFM) artesanales con un número modificado de métrica del ca... • http://secunia.com/advisories/21864 •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2006-3740
https://notcve.org/view.php?id=CVE-2006-3740
13 Sep 2006 — Integer overflow in the scan_cidfont function in X.Org 6.8.2 and XFree86 X server allows local users to execute arbitrary code via crafted (1) CMap and (2) CIDFont font data with modified item counts in the (a) begincodespacerange, (b) cidrange, and (c) notdefrange sections. Desbordamiento de entero en la función scan_cidfont en X.Org 6.8.2 and XFree86 X server , permite a un usuario local ejecutar código de su elección a través de la fuentes de datos(1) CMap y (2)CIDFont con contadores modificados en las s... • http://secunia.com/advisories/21864 •
CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 0CVE-2006-0197
https://notcve.org/view.php?id=CVE-2006-0197
13 Jan 2006 — The XClientMessageEvent struct used in certain components of X.Org 6.8.2 and earlier, possibly including (1) the X server and (2) Xlib, uses a "long" specifier for elements of the l array, which results in inconsistent sizes in the struct on 32-bit versus 64-bit platforms, and might allow attackers to cause a denial of service (application crash) and possibly conduct other attacks. • http://www.securityfocus.com/archive/1/421256/100/0/threaded •