CVSS: 6.8EPSS: 0%CPEs: 2EXPL: 0CVE-2009-2718 – JDK reposition of untrusted applet security icon in X11
https://notcve.org/view.php?id=CVE-2009-2718
The Abstract Window Toolkit (AWT) implementation in Sun Java SE 6 before Update 15 on X11 does not impose the intended constraint on distance from the window border to the Security Warning Icon, which makes it easier for context-dependent attackers to trick a user into interacting unsafely with an untrusted applet. La implementación de Abstract Window Toolkit (AWT) en Sun Java SE v6 anteriores a Update 15 para X11 no impone la restricción de distancia prevista desde el borde de la ventana al Security Warning Icon, facilitando a atacantes dependientes del contexto que engañen a un usuario para interactuar sin seguridad con un applet no confiable. • http://java.sun.com/javase/6/webnotes/6u15.html http://secunia.com/advisories/37386 http://secunia.com/advisories/37460 http://security.gentoo.org/glsa/glsa-200911-02.xml http://www.securityfocus.com/archive/1/507985/100/0/threaded http://www.vmware.com/security/advisories/VMSA-2009-0016.html http://www.vupen.com/english/advisories/2009/3316 https://access.redhat.com/security/cve/CVE-2009-2718 https://bugzilla.redhat.com/show_bug.cgi?id=516815 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 4.9EPSS: 0%CPEs: 226EXPL: 0CVE-2009-2711
https://notcve.org/view.php?id=CVE-2009-2711
XScreenSaver in Sun Solaris 9 and 10, OpenSolaris before snv_120, and X11 6.4.1 for Solaris 8, when the Xorg or Xnewt server is used, allows physically proximate attackers to obtain sensitive information by reading popup windows, which are displayed even when the screen is locked, a different vulnerability than CVE-2009-1276. Xscreensaver en Sun Solaris v9 y v10, OpenSolaris anterior a snv_120, y X11 v6.4.1 para Solaris v8, cuando el servidor Xorg o Xnewt es utilizado, permite a atacantes físicamente próximos obtener información sensible mediante la lectura de ventanas emergentes, que son mostrados incluso cuando la pantalla está bloqueado, una vulnerabilidad diferente que CVE-2009-1276. • http://secunia.com/advisories/36170 http://sunsolve.sun.com/search/document.do?assetkey=1-21-115298-02-1 http://sunsolve.sun.com/search/document.do?assetkey=1-66-258928-1 http://sunsolve.sun.com/search/document.do?assetkey=1-77-1020463.1-1 http://www.securityfocus.com/bid/35964 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5838 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2008-1379 – X.org MIT-SHM extension arbitrary memory read
https://notcve.org/view.php?id=CVE-2008-1379
Integer overflow in the fbShmPutImage function in the MIT-SHM extension in the X server 1.4 in X.Org X11R7.3 allows context-dependent attackers to read arbitrary process memory via crafted values for a Pixmap width and height. Desbordamiento de entero en la función fbShmPutImage de la extensión MIT-SHM en el X server 1.4 de X.Org X11R7.3, permite a atacantes dependientes del contexto leer la memoria de procesos de su elección mediante valores manipulados para el alto y ancho de un Pixmap. • ftp://ftp.freedesktop.org/pub/xorg/X11R7.3/patches/xorg-xserver-1.4-cve-2008-1379.diff http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01543321 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=722 http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html http://lists.freedesktop.org/archives/xorg/2008-June/036026.html http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00002.html http://lists.opensuse.org/opensuse-security-anno • CWE-189: Numeric Errors •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 0CVE-2008-1377 – X.org Record and Security extensions memory corruption
https://notcve.org/view.php?id=CVE-2008-1377
The (1) SProcRecordCreateContext and (2) SProcRecordRegisterClients functions in the Record extension and the (3) SProcSecurityGenerateAuthorization function in the Security extension in the X server 1.4 in X.Org X11R7.3 allow context-dependent attackers to execute arbitrary code via requests with crafted length values that specify an arbitrary number of bytes to be swapped on the heap, which triggers heap corruption. Las funciones (1) SProcRecordCreateContext y (2) SProcRecordRegisterClients en la extensión Record y la función (3) SProcSecurityGenerateAuthorization en la extensión Security del servidor X 1.4 en X.Org X11R7.3 permite a atacantes dependientes de contexto ejecutar código de su elección a través de peticiones con longitud de valores manipuladas que especifica un número aleatorio de bytes a ser intercambiados en el montículo, lo cual dispara corrupción de montículo. • ftp://ftp.freedesktop.org/pub/xorg/X11R7.3/patches/xorg-xserver-1.4-cve-2008-1377.diff http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01543321 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=721 http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html http://lists.freedesktop.org/archives/xorg/2008-June/036026.html http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00002.html http://lists.opensuse.org/opensuse-security-anno • CWE-189: Numeric Errors •
CVSS: 10.0EPSS: 1%CPEs: 1EXPL: 0CVE-2008-2362 – X.org Render extension input validation flaw causing memory corruption
https://notcve.org/view.php?id=CVE-2008-2362
Multiple integer overflows in the Render extension in the X server 1.4 in X.Org X11R7.3 allow context-dependent attackers to execute arbitrary code via a (1) SProcRenderCreateLinearGradient, (2) SProcRenderCreateRadialGradient, or (3) SProcRenderCreateConicalGradient request with an invalid field specifying the number of bytes to swap in the request data, which triggers heap memory corruption. Múltiples desbordamientos de entero en la extensión Render en el servidor X 1.4 de X.Org X11R7.3 permite a atacantes dependientes de contexto ejecutar código de su elección a través de una petición (1) SProcRenderCreateLinearGradient, (2) SProcRenderCreateRadialGradient, o (3) SProcRenderCreateConicalGradient con un campo inválido especificando el número de bytes a intercambiar en la petición de datos, lo cual dispara una corrupción de memoria en montículo. • ftp://ftp.freedesktop.org/pub/xorg/X11R7.3/patches/xorg-xserver-1.4-cve-2008-2362.diff http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=720 http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html http://lists.freedesktop.org/archives/xorg/2008-June/036026.html http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00005.html http://rhn.redhat.com/errata/RHSA-2008-0504.h • CWE-20: Improper Input Validation CWE-189: Numeric Errors •