CVE-2006-3740
https://notcve.org/view.php?id=CVE-2006-3740
Integer overflow in the scan_cidfont function in X.Org 6.8.2 and XFree86 X server allows local users to execute arbitrary code via crafted (1) CMap and (2) CIDFont font data with modified item counts in the (a) begincodespacerange, (b) cidrange, and (c) notdefrange sections. Desbordamiento de entero en la función scan_cidfont en X.Org 6.8.2 and XFree86 X server , permite a un usuario local ejecutar código de su elección a través de la fuentes de datos(1) CMap y (2)CIDFont con contadores modificados en las secciones (a) begincodespacerange, (b) cidrange, y (c) notdefrange • http://secunia.com/advisories/21864 http://secunia.com/advisories/21889 http://secunia.com/advisories/21890 http://secunia.com/advisories/21894 http://secunia.com/advisories/21900 http://secunia.com/advisories/21904 http://secunia.com/advisories/21908 http://secunia.com/advisories/21924 http://secunia.com/advisories/22080 http://secunia.com/advisories/22141 http://secunia.com/advisories/22332 http://secunia.com/advisories/22560 http://secunia.com/advisories/23033 http:/& •
CVE-2006-3739
https://notcve.org/view.php?id=CVE-2006-3739
Integer overflow in the CIDAFM function in X.Org 6.8.2 and XFree86 X server allows local users to execute arbitrary code via crafted Adobe Font Metrics (AFM) files with a modified number of character metrics (StartCharMetrics), which leads to a heap-based buffer overflow. Desbordamiento de enteros en la función CIDAFM en X.Org 6.8.2 y XFree86 X server permite a un usuario local ejecutar código de su elección a través de archivos Adobe Font Metrics (AFM) artesanales con un número modificado de métrica del caracter (StartCharMetrics), lo cual conduce a un desbordamiento de búfer basado en montón. • http://secunia.com/advisories/21864 http://secunia.com/advisories/21889 http://secunia.com/advisories/21890 http://secunia.com/advisories/21894 http://secunia.com/advisories/21900 http://secunia.com/advisories/21904 http://secunia.com/advisories/21908 http://secunia.com/advisories/21924 http://secunia.com/advisories/22080 http://secunia.com/advisories/22141 http://secunia.com/advisories/22332 http://secunia.com/advisories/22560 http://secunia.com/advisories/23033 http:/& •
CVE-2005-2495
https://notcve.org/view.php?id=CVE-2005-2495
Multiple integer overflows in XFree86 before 4.3.0 allow user-assisted attackers to execute arbitrary code via a crafted pixmap image. • ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.22/SCOSA-2006.22.txt ftp://patches.sgi.com/support/free/security/advisories/20060403-01-U http://marc.info/?l=bugtraq&m=112690609622266&w=2 http://secunia.com/advisories/16777 http://secunia.com/advisories/16790 http://secunia.com/advisories/17044 http://secunia.com/advisories/17215 http://secunia.com/advisories/17258 http://secunia.com/advisories/17278 http://secunia.com/advisories/19624 http://secunia.com/advisories& • CWE-189: Numeric Errors •
CVE-2001-1409
https://notcve.org/view.php?id=CVE-2001-1409
dexconf in XFree86 Xserver 4.1.0-2 creates the /dev/dri directory with insecure permissions (666), which allows local users to replace or create files in the root file system. dexconf de XFree86 Xserver 4.1.0-2 crea el directorio /dev/dri con permisos inseguros (666), lo que permite a usuarios locales reemplazar o crear ficheros en el sistema de ficheros raíz. • http://groups.google.com/groups?selm=20010829121505.A16004%40compusol.com.au http://sunsolve.sun.com/search/document.do?assetkey=1-66-228529-1 http://sunsolve.sun.com/search/document.do?assetkey=1-77-1017429.1-1 http://www.redhat.com/support/errata/RHSA-2003-067.html https://access.redhat.com/security/cve/CVE-2001-1409 https://bugzilla.redhat.com/show_bug.cgi?id=1616706 •
CVE-1999-0126 – Solaris 5.5.1 X11R6.3 - xterm '-xrm' Local Privilege Escalation
https://notcve.org/view.php?id=CVE-1999-0126
SGI IRIX buffer overflow in xterm and Xaw allows root access. • https://www.exploit-db.com/exploits/338 http://www.ciac.org/ciac/bulletins/j-010.shtml •