CVE-2016-7943
https://notcve.org/view.php?id=CVE-2016-7943
The XListFonts function in X.org libX11 before 1.6.4 might allow remote X servers to gain privileges via vectors involving length fields, which trigger out-of-bounds write operations. La función XListFonts en X.org libX11 en versiones anteriores a 1.6.4 podría permitir a servidores remotos X obtener privilegios a través de vectores que involucran campos de longitud, que desencadena operaciones de escritura fuera de límites. • http://www.openwall.com/lists/oss-security/2016/10/04/2 http://www.openwall.com/lists/oss-security/2016/10/04/4 http://www.securityfocus.com/bid/93362 http://www.securitytracker.com/id/1036945 https://cgit.freedesktop.org/xorg/lib/libX11/commit/?id=8c29f1607a31dac0911e45a0dd3d74173822b3c9 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GMCVDXMFPXR7QGMKDG22WPPJCXH2X3L7 https://lists.x.org/archives/xorg-announce/2016-October/002720.html https://security.g • CWE-787: Out-of-bounds Write •
CVE-2016-7942
https://notcve.org/view.php?id=CVE-2016-7942
The XGetImage function in X.org libX11 before 1.6.4 might allow remote X servers to gain privileges via vectors involving image type and geometry, which triggers out-of-bounds read operations. La función XGetImage en X.org libX11 en versiones anteriores a 1.6.4 podría permitir a servidores remotos X obtener privilegios a través de vectores que involucran tipo de imagen y geometría, que desencadena operaciones de lectura fuera de límites. • http://www.openwall.com/lists/oss-security/2016/10/04/2 http://www.openwall.com/lists/oss-security/2016/10/04/4 http://www.securityfocus.com/bid/93363 http://www.securitytracker.com/id/1036945 https://cgit.freedesktop.org/xorg/lib/libX11/commit/?id=8ea762f94f4c942d898fdeb590a1630c83235c17 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GMCVDXMFPXR7QGMKDG22WPPJCXH2X3L7 https://lists.x.org/archives/xorg-announce/2016-October/002720.html https://security.g • CWE-264: Permissions, Privileges, and Access Controls CWE-787: Out-of-bounds Write •
CVE-2013-7439 – libX11: buffer overflow in MakeBigReq macro
https://notcve.org/view.php?id=CVE-2013-7439
Multiple off-by-one errors in the (1) MakeBigReq and (2) SetReqLen macros in include/X11/Xlibint.h in X11R6.x and libX11 before 1.6.0 allow remote attackers to have unspecified impact via a crafted request, which triggers a buffer overflow. Múltiples errores de superación de límite (off-by-one) en los macros (1) MakeBigReq y (2) SetReqLen en include/X11/Xlibint.h en X11R6.x y libX11 anterior a 1.6.0 permiten a atacantes remotos tener un impacto no especificado a través de una solicitud manipulada, lo que provoca un desbordamiento de buffer. • http://lists.x.org/archives/xorg-announce/2015-April/002561.html http://seclists.org/oss-sec/2015/q2/81 http://www.debian.org/security/2015/dsa-3224 http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html http://www.securityfocus.com/bid/73962 http://www.ubuntu.com/usn/USN-2568-1 https://bugs.freedesktop.org/show_bug.cgi?id=56508 https://access.redhat.com/security/cve/CVE-2013-7439 https://bugzilla.redhat.com/show_bug.cgi?id=1209943 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-189: Numeric Errors •
CVE-2007-1667 – XGetPixel() integer overflow
https://notcve.org/view.php?id=CVE-2007-1667
Multiple integer overflows in (1) the XGetPixel function in ImUtil.c in X.Org libx11 before 1.0.3, and (2) XInitImage function in xwd.c for ImageMagick, allow user-assisted remote attackers to cause a denial of service (crash) or obtain sensitive information via crafted images with large or negative values that trigger a buffer overflow. Múltiples desbordamientos de enteros en (1) la función XGetPixel en el archivo ImUtil.c en X.Org libx11 anterior a la versión 1.0.3 y (2) la función XInitImage en el archivo xwd.c para ImageMagick, permiten a los atacantes remotos asistidos por el usuario causar una denegación de servicio (bloqueo) o obtener información confidencial por medio de imágenes elaboradas con valores grandes o negativos que desencadenan un desbordamiento de búfer. • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=414045 http://issues.foresightlinux.org/browse/FL-223 http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html http://lists.freedesktop.org/archives/xorg-announce/2007-April/000286.html http://rhn.redhat.com/errata/RHSA-2007-0125.html http://secunia.com/advisories/24739 http://secunia.com/advisories/24741 http://secunia.com/advisories/24745 http://secunia.com/advisories/24756 http://secunia.com/advisories/24758 htt • CWE-189: Numeric Errors •
CVE-2006-5397
https://notcve.org/view.php?id=CVE-2006-5397
The Xinput module (modules/im/ximcp/imLcIm.c) in X.Org libX11 1.0.2 and 1.0.3 opens a file for reading twice using the same file descriptor, which causes a file descriptor leak that allows local users to read files specified by the XCOMPOSEFILE environment variable via the duplicate file descriptor. El módulo Xinput (modules/im/ximcp/imLcIm.c) en X.Org libX11 1.0.2 y 1.0.3 abre un fichero para lectura dos veces utilizando el mismo descriptor de fichero, que provoca un agujero en los descriptores de fichero permitiendo a los usuarios locales, leer ficheros concretos con la variable de entorno XCOMPOSEFILE mediante un descriptor de fichero duplicado. • http://gitweb.freedesktop.org/?p=xorg/lib/libX11.git%3Ba=commit%3Bh=686bb8b35acf6cecae80fe89b2b5853f5816ce19 http://secunia.com/advisories/22642 http://secunia.com/advisories/22749 http://www.mandriva.com/security/advisories?name=MDKSA-2006:199 http://www.securityfocus.com/bid/20845 http://www.vupen.com/english/advisories/2006/4289 https://bugs.freedesktop.org/show_bug.cgi?id=8699 https://exchange.xforce.ibmcloud.com/vulnerabilities/29956 •