CVSS: 9.8EPSS: 2%CPEs: 2EXPL: 0CVE-2016-7943
https://notcve.org/view.php?id=CVE-2016-7943
The XListFonts function in X.org libX11 before 1.6.4 might allow remote X servers to gain privileges via vectors involving length fields, which trigger out-of-bounds write operations. La función XListFonts en X.org libX11 en versiones anteriores a 1.6.4 podría permitir a servidores remotos X obtener privilegios a través de vectores que involucran campos de longitud, que desencadena operaciones de escritura fuera de límites. • http://www.openwall.com/lists/oss-security/2016/10/04/2 http://www.openwall.com/lists/oss-security/2016/10/04/4 http://www.securityfocus.com/bid/93362 http://www.securitytracker.com/id/1036945 https://cgit.freedesktop.org/xorg/lib/libX11/commit/?id=8c29f1607a31dac0911e45a0dd3d74173822b3c9 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GMCVDXMFPXR7QGMKDG22WPPJCXH2X3L7 https://lists.x.org/archives/xorg-announce/2016-October/002720.html https://security.g • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 1%CPEs: 3EXPL: 0CVE-2016-7944
https://notcve.org/view.php?id=CVE-2016-7944
Integer overflow in X.org libXfixes before 5.0.3 on 32-bit platforms might allow remote X servers to gain privileges via a length value of INT_MAX, which triggers the client to stop reading data and get out of sync. Desbordamiento de entero en X.org libXfixes en versiones anteriores a 5.0.3 en plataformas 32-bit podría permitir a servidores remotos X obtener privilegios a través de un valor de longitud de INT_MAX, que desencadena que el cliente pare la lectura de datos y salga de la sincronización. • http://www.openwall.com/lists/oss-security/2016/10/04/2 http://www.openwall.com/lists/oss-security/2016/10/04/4 http://www.securityfocus.com/bid/93361 http://www.securitytracker.com/id/1036945 https://cgit.freedesktop.org/xorg/lib/libXfixes/commit/?id=61c1039ee23a2d1de712843bed3480654d7ef42e https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4CE6VJWBMOWLSCH4OP4TAEPIA7NP53ON https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ • CWE-190: Integer Overflow or Wraparound CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.5EPSS: 1%CPEs: 3EXPL: 0CVE-2016-7945
https://notcve.org/view.php?id=CVE-2016-7945
Multiple integer overflows in X.org libXi before 1.7.7 allow remote X servers to cause a denial of service (out-of-bounds memory access or infinite loop) via vectors involving length fields. Múltiples desbordamientos de entero en X.org libXi en versiones anteriores a 1.7.7 permite a servidores remotos X provocar una denegación de servicio (acceso de memoria fuera de datos o bucle infinito) a través de vectores que involucran campos de longitud. • http://www.openwall.com/lists/oss-security/2016/10/04/2 http://www.openwall.com/lists/oss-security/2016/10/04/4 http://www.securityfocus.com/bid/93364 http://www.securitytracker.com/id/1036945 https://cgit.freedesktop.org/xorg/lib/libXi/commit/?id=19a9cd607de73947fcfb104682f203ffe4e1f4e5 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3NTWIWSQ575GREBVAOUQUIMDL5CDVGP https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KVT • CWE-125: Out-of-bounds Read CWE-190: Integer Overflow or Wraparound •
CVSS: 7.5EPSS: 1%CPEs: 3EXPL: 0CVE-2016-7946
https://notcve.org/view.php?id=CVE-2016-7946
X.org libXi before 1.7.7 allows remote X servers to cause a denial of service (infinite loop) via vectors involving length fields. X.org libXi en versiones anteriores a 1.7.7 permite a servidores remotos X provocar una denegación de servicio (bucle infinito) a través de vectores que involucran campos de longitud. • http://www.openwall.com/lists/oss-security/2016/10/04/2 http://www.openwall.com/lists/oss-security/2016/10/04/4 http://www.securityfocus.com/bid/93374 http://www.securitytracker.com/id/1036945 https://cgit.freedesktop.org/xorg/lib/libXi/commit/?id=19a9cd607de73947fcfb104682f203ffe4e1f4e5 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3NTWIWSQ575GREBVAOUQUIMDL5CDVGP https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KVT • CWE-284: Improper Access Control •
CVSS: 9.8EPSS: 1%CPEs: 3EXPL: 0CVE-2016-7947
https://notcve.org/view.php?id=CVE-2016-7947
Multiple integer overflows in X.org libXrandr before 1.5.1 allow remote X servers to trigger out-of-bounds write operations via a crafted response. Múltiples desbordamientos de entero en X.org libXrandr en versiones anteriores a 1.5.1 permiten a servidores remotos X desencadenar operaciones de escritura fuera de límites a través de una respuesta manipulada. • http://www.openwall.com/lists/oss-security/2016/10/04/2 http://www.openwall.com/lists/oss-security/2016/10/04/4 http://www.securityfocus.com/bid/93365 http://www.securitytracker.com/id/1036945 https://cgit.freedesktop.org/xorg/lib/libXrandr/commit/?id=a0df3e1c7728205e5c7650b2e6dce684139254a6 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/74FFOHWYIKQZTJLRJWDMJ4W3WYBELUUG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ • CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •