CVSS: 8.1EPSS: 0%CPEs: 3EXPL: 0CVE-2013-1994 – Debian Security Advisory 2679-1
https://notcve.org/view.php?id=CVE-2013-1994
23 May 2013 — Multiple integer overflows in X.org libchromeXvMC and libchromeXvMCPro in openChrome 0.3.2 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) uniDRIOpenConnection and (2) uniDRIGetClientDriverName functions. Múltiples desbordamientos de enteros en X.org libchromeXvMC y libchromeXvMCPro en openchrome v0.3.2 y anteriores permiten que los servidores X provoquen una asignación de memoria insuficiente y un desbordamiento de búfer a través... • http://www.debian.org/security/2013/dsa-2679 • CWE-189: Numeric Errors •
CVSS: 9.8EPSS: 0%CPEs: 9EXPL: 0CVE-2013-1995 – libXi: Sign extension issues resulting in heap-based buffer overflow
https://notcve.org/view.php?id=CVE-2013-1995
23 May 2013 — X.org libXi 1.7.1 and earlier allows X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to an unexpected sign extension in the XListInputDevices function. X.org LibXi v1.7.1 y anteriores permite a los servidores X activar la asignación de memoria insuficiente y provocar un desbordamiento de búfer a través de vectores relacionados con una extensión de signo inesperada en la función XListInputDevices. A buffer overflow flaw was found in the way the XListInputDevic... • http://lists.fedoraproject.org/pipermail/package-announce/2013-May/106913.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow •
CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 0CVE-2013-1996 – Debian Security Advisory 2687-1
https://notcve.org/view.php?id=CVE-2013-1996
23 May 2013 — X.org libFS 1.0.4 and earlier allows X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to an unexpected sign extension in the FSOpenServer function. X.org LibFS v1.0.4 y anteriores permite a los servidores X activar la asignación de memoria insuficiente y provocar un desbordamiento de búfer a través de vectores relacionados con una extensión de signo inesperada en la función FSOpenServer. Ilja van Sprundel of IOActive discovered several security issues in multi... • http://www.debian.org/security/2013/dsa-2687 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.1EPSS: 1%CPEs: 9EXPL: 0CVE-2013-1998 – libXi: Multiple Array Index error leading to heap-based OOB write
https://notcve.org/view.php?id=CVE-2013-1998
23 May 2013 — Multiple buffer overflows in X.org libXi 1.7.1 and earlier allow X servers to cause a denial of service (crash) and possibly execute arbitrary code via crafted length or index values to the (1) XGetDeviceButtonMapping, (2) XIPassiveGrabDevice, and (3) XQueryDeviceState functions. Multiples desbordamientos de búfer en X.org libXi v1.7.1 y anteriores permite a los servidores X causar una denegación de servicio (por caída del servidor) y posiblemente ejecutar código de su elección a través de valores de índice... • http://lists.fedoraproject.org/pipermail/package-announce/2013-May/106913.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow •
CVSS: 8.1EPSS: 1%CPEs: 6EXPL: 0CVE-2013-1999 – libXvMC: Array Index error leading to heap-based OOB write
https://notcve.org/view.php?id=CVE-2013-1999
23 May 2013 — Buffer overflow in X.org libXvMC 1.0.7 and earlier allows X servers to cause a denial of service (crash) and possibly execute arbitrary code via crafted length or index values to the XvMCGetDRInfo function. Un desbordamiento de búfer en X.org libXvMC v1.0.7 y anteriores permite a los servidores X causar una denegación de servicio (por caída del servidor) y posiblemente ejecutar código de su elección a través de valores de índice o de longitud debidamente modificados en la función XvMCGetDRInfo. The X11 libr... • http://lists.fedoraproject.org/pipermail/package-announce/2013-May/106766.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow •
CVSS: 8.1EPSS: 1%CPEs: 8EXPL: 0CVE-2013-2000 – libXxf86dga: Array Index error leading to heap-based OOB write
https://notcve.org/view.php?id=CVE-2013-2000
23 May 2013 — Multiple buffer overflows in X.org libXxf86dga 1.1.3 and earlier allow X servers to cause a denial of service (crash) and possibly execute arbitrary code via crafted length or index values to the (1) XDGAQueryModes and (2) XDGASetMode functions. Múltiples desbordamientos de búfer en X.org libXxf86dga v1.1.3 y anteriores permiten que los servidores X para causar una denegación de servicio (caída) y posiblemente ejecutar código de su elección a través de valores de índice o de longitud de las funciones (1) XD... • http://lists.fedoraproject.org/pipermail/package-announce/2013-May/106870.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow •
CVSS: 8.1EPSS: 1%CPEs: 6EXPL: 0CVE-2013-2001 – libXxf86vm: Multiple Array Index error leading to heap-based OOB write
https://notcve.org/view.php?id=CVE-2013-2001
23 May 2013 — Buffer overflow in X.org libXxf86vm 1.1.2 and earlier allows X servers to cause a denial of service (crash) and possibly execute arbitrary code via crafted length or index values to the XF86VidModeGetGammaRamp function. Un desbordamiento de búfer en X.org libXxf86vm v1.1.2 y anteriores permite a los servidores X causar una denegación de servicio (por caída del servidor) y posiblemente ejecutar código de su elección a través de valores de longitud o de índice de la función XF86VidModeGetGammaRamp debidamente... • http://lists.fedoraproject.org/pipermail/package-announce/2013-May/106872.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow •
CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 0CVE-2013-1940 – xorg-x11-server: Information disclosure due enabling events from hot-plug devices despite input from the device being momentarily disabled
https://notcve.org/view.php?id=CVE-2013-1940
13 May 2013 — X.Org X server before 1.13.4 and 1.4.x before 1.14.1 does not properly restrict access to input events when adding a new hot-plug device, which might allow physically proximate attackers to obtain sensitive information, as demonstrated by reading passwords from a tty. X.Org X server anterior a v1.13.4 y v1.4.x anterior a v1.14.1 no restringe adecuadamente el acceso a los eventos de entrada cuando se añade un nuevo dispositivo de conexión en caliente, lo cual puede permitir a atacantes cercanos obtener infor... • http://lists.fedoraproject.org/pipermail/package-announce/2013-April/102391.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2012-1699
https://notcve.org/view.php?id=CVE-2012-1699
21 Dec 2012 — The ProcSetEventMask function in difs/events.c in the xfs font server for X.Org X11R6 through X11R6.6 and XFree86 before 3.3.3 calls the SendErrToClient function with a mask value instead of a pointer, which allows local users to cause a denial of service (memory corruption and crash) or obtain potentially sensitive information from memory via a SetEventMask request that triggers an invalid pointer dereference. La función ProcSetEventMask en DEFI/events.c en el servidor de fuentes xfs para X.Org X11R6.6 y X... • http://invisible-island.net/ansification/ansify-xfs-cve.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 2%CPEs: 1EXPL: 1CVE-2010-4818 – X.org: multiple GLX input sanitization flaws
https://notcve.org/view.php?id=CVE-2010-4818
05 Sep 2012 — The GLX extension in X.Org xserver 1.7.7 allows remote authenticated users to cause a denial of service (server crash) and possibly execute arbitrary code via (1) a crafted request that triggers a client swap in glx/glxcmdsswap.c; or (2) a crafted length or (3) a negative value in the screen field in a request to glx/glxcmds.c. La extensión GLX en X.Org xserver v1.7.7 permite a usuarios remotos autenticados provocar una denegación de servicio (caída del servidor) y posiblemente ejecutar código arbitrario a ... • http://cgit.freedesktop.org/xorg/xserver/commit?id=3f0d3f4d97bce75c1828635c322b6560a45a037f • CWE-20: Improper Input Validation •