CVSS: 9.8EPSS: 3%CPEs: 2EXPL: 0CVE-2016-7942 – Ubuntu Security Notice USN-3758-2
https://notcve.org/view.php?id=CVE-2016-7942
01 Nov 2016 — The XGetImage function in X.org libX11 before 1.6.4 might allow remote X servers to gain privileges via vectors involving image type and geometry, which triggers out-of-bounds read operations. La función XGetImage en X.org libX11 en versiones anteriores a 1.6.4 podría permitir a servidores remotos X obtener privilegios a través de vectores que involucran tipo de imagen y geometría, que desencadena operaciones de lectura fuera de límites. Tobias Stoeckmann discovered that libx11 incorrectly handled certain i... • http://www.openwall.com/lists/oss-security/2016/10/04/2 • CWE-264: Permissions, Privileges, and Access Controls CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 3%CPEs: 2EXPL: 0CVE-2016-7943 – Ubuntu Security Notice USN-3758-2
https://notcve.org/view.php?id=CVE-2016-7943
01 Nov 2016 — The XListFonts function in X.org libX11 before 1.6.4 might allow remote X servers to gain privileges via vectors involving length fields, which trigger out-of-bounds write operations. La función XListFonts en X.org libX11 en versiones anteriores a 1.6.4 podría permitir a servidores remotos X obtener privilegios a través de vectores que involucran campos de longitud, que desencadena operaciones de escritura fuera de límites. Tobias Stoeckmann discovered that libx11 incorrectly handled certain images. An atta... • http://www.openwall.com/lists/oss-security/2016/10/04/2 • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 1%CPEs: 49EXPL: 0CVE-2013-7439 – libX11: buffer overflow in MakeBigReq macro
https://notcve.org/view.php?id=CVE-2013-7439
14 Apr 2015 — Multiple off-by-one errors in the (1) MakeBigReq and (2) SetReqLen macros in include/X11/Xlibint.h in X11R6.x and libX11 before 1.6.0 allow remote attackers to have unspecified impact via a crafted request, which triggers a buffer overflow. Múltiples errores de superación de límite (off-by-one) en los macros (1) MakeBigReq y (2) SetReqLen en include/X11/Xlibint.h en X11R6.x y libX11 anterior a 1.6.0 permiten a atacantes remotos tener un impacto no especificado a través de una solicitud manipulada, lo que pr... • http://lists.x.org/archives/xorg-announce/2015-April/002561.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-189: Numeric Errors •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2013-2004 – libX11: unbounded recursion leading to stack-overflow
https://notcve.org/view.php?id=CVE-2013-2004
28 May 2013 — The (1) GetDatabase and (2) _XimParseStringFile functions in X.org libX11 1.5.99.901 (1.6 RC1) and earlier do not restrict the recursion depth when processing directives to include files, which allows X servers to cause a denial of service (stack consumption) via a crafted file. Las funciones (1) GetDatabase y (2) _XimParseStringFile en X.org libX11 v1.5.99.901 (1.6 RC1) y anteriores no limitan la profundidad de recursividad en el tratamiento de las directivas de inclusión de archivos, lo que permite causar... • http://www.debian.org/security/2013/dsa-2693 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-121: Stack-based Buffer Overflow •
CVSS: 8.1EPSS: 1%CPEs: 6EXPL: 0CVE-2013-1981 – libX11: Multiple integer overflows leading to heap-based buffer-overflows
https://notcve.org/view.php?id=CVE-2013-1981
28 May 2013 — Multiple integer overflows in X.org libX11 1.5.99.901 (1.6 RC1) and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XQueryFont, (2) _XF86BigfontQueryFont, (3) XListFontsWithInfo, (4) XGetMotionEvents, (5) XListHosts, (6) XGetModifierMapping, (7) XGetPointerMapping, (8) XGetKeyboardMapping, (9) XGetWindowProperty, (10) XGetImage, (11) LoadColornameDB, (12) XrmGetFileDatabase, (13) _XimParseStringFile, or (14) TransFileName functions. M... • http://lists.fedoraproject.org/pipermail/package-announce/2013-May/106781.html • CWE-122: Heap-based Buffer Overflow CWE-189: Numeric Errors •
CVSS: 9.8EPSS: 1%CPEs: 2EXPL: 0CVE-2013-1997 – libX11: Multiple Array Index error leading to heap-based OOB write
https://notcve.org/view.php?id=CVE-2013-1997
28 May 2013 — Multiple buffer overflows in X.org libX11 1.5.99.901 (1.6 RC1) and earlier allow X servers to cause a denial of service (crash) and possibly execute arbitrary code via crafted length or index values to the (1) XAllocColorCells, (2) _XkbReadGetDeviceInfoReply, (3) _XkbReadGeomShapes, (4) _XkbReadGetGeometryReply, (5) _XkbReadKeySyms, (6) _XkbReadKeyActions, (7) _XkbReadKeyBehaviors, (8) _XkbReadModifierMap, (9) _XkbReadExplicitComponents, (10) _XkbReadVirtualModMap, (11) _XkbReadGetNamesReply, (12) _XkbReadG... • http://lists.fedoraproject.org/pipermail/package-announce/2013-May/106781.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow •