Page 39 of 254 results (0.043 seconds)

CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 0

CVE-2008-2360 – X.org Render extension AllocateGlyph() heap buffer overflow

https://notcve.org/view.php?id=CVE-2008-2360

Integer overflow in the AllocateGlyph function in the Render extension in the X server 1.4 in X.Org X11R7.3 allows context-dependent attackers to execute arbitrary code via unspecified request fields that are used to calculate a heap buffer size, which triggers a heap-based buffer overflow. Desboramiento de entero en la función AllocateGlyph de la extensión Render del servidor X-window 1.4 en X.org X11R7.3 permite a atacantes, dependiendo del contexto, ejecutar código arbitrario a través de campos de solicitud no especificados, que son usados para calcular el tamaño del montículo del buffer, que dispara un desbordamiento de buffer basado en montículo. • ftp://ftp.freedesktop.org/pub/xorg/X11R7.3/patches/xorg-xserver-1.4-cve-2008-2360.diff http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=718 http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html http://lists.freedesktop.org/archives/xorg/2008-June/036026.html http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00005.html http://rhn.redhat.com/errata/RHSA-2008-0502.h • CWE-122: Heap-based Buffer Overflow CWE-189: Numeric Errors •

CVSS: 9.3EPSS: 0%CPEs: 3EXPL: 0

CVE-2007-6429 – xfree86: integer overflow in EVI extension

https://notcve.org/view.php?id=CVE-2007-6429

Multiple integer overflows in X.Org Xserver before 1.4.1 allow context-dependent attackers to execute arbitrary code via (1) a GetVisualInfo request containing a 32-bit value that is improperly used to calculate an amount of memory for allocation by the EVI extension, or (2) a request containing values related to pixmap size that are improperly used in management of shared memory by the MIT-SHM extension. Múltiples desbordamientos de búfer en X.Org Xserver versiones anteriores a 1.4.1 permiten a atacantes locales o remotos dependientes del contexto ejecutar código de su elección mediante (1) una petición GetVisualInfo conteniendo un valor de 32 bits que se utiliza inapropiadamente para calcular una cantidad de memoria para alojamiento por la extensión EVI, ó (2) una petición conteniendo valores relativos al tamaño de pixmap que es inapropiadamente utilizado en la gestión de memoria compartida por la extensión MIT-SHM. • http://bugs.gentoo.org/show_bug.cgi?id=204362 http://docs.info.apple.com/article.html?artnum=307562 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01543321 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=645 http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html http://lists.freedesktop.org/archives/xorg/2008-January/031918.html http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00004.html http://lists.opensuse.org/ope • CWE-189: Numeric Errors CWE-190: Integer Overflow or Wraparound CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •

CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 1

CVE-2007-5958 – X.Org xorg-server 1.1.1-48.13 - Probe for Files (PoC)

https://notcve.org/view.php?id=CVE-2007-5958

X.Org Xserver before 1.4.1 allows local users to determine the existence of arbitrary files via a filename argument in the -sp option to the X program, which produces different error messages depending on whether the filename exists. X.Org Xserver versiones anteriores a 1.4.1 permite a usuarios locales determinar la existencia de ficheros de su elección mediante un argumento nombre de fichero en la opción -sp en el programa X, lo cual produce diferentes mensajes de error dependientes de si el fichero existe. • https://www.exploit-db.com/exploits/5152 http://bugs.gentoo.org/show_bug.cgi?id=204362 http://docs.info.apple.com/article.html?artnum=307562 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01543321 http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html http://lists.freedesktop.org/archives/xorg/2008-January/031918.html http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2008- • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 9.3EPSS: 2%CPEs: 2EXPL: 0

CVE-2007-5760 – xorg: invalid array indexing in XFree86-Misc extension

https://notcve.org/view.php?id=CVE-2007-5760

Array index error in the XFree86-Misc extension in X.Org Xserver before 1.4.1 allows context-dependent attackers to execute arbitrary code via a PassMessage request containing a large array index. Error de índice de Array en la extensión XFree86-Misc de X.Org Xserver versiones anteriores a 1.4.1 permite a atacantes locales o remotos dependientes del contexto ejecutar código de su elección mediante una petición PassMessage conteniendo un índice de array largo. • http://bugs.gentoo.org/show_bug.cgi?id=204362 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=646 http://lists.freedesktop.org/archives/xorg/2008-January/031918.html http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00004.html http://secunia.com/advisories/28273 http://secunia.com/advisories/28532 http://secunia.com/advisories/28535 http://secunia.com/advisories/28536 http://secunia.com/advisories/28539 http://secunia.com/advisories/28540 http:/ •

CVSS: 9.3EPSS: 0%CPEs: 22EXPL: 0

CVE-2007-6427 – xfree86: memory corruption via XInput extension

https://notcve.org/view.php?id=CVE-2007-6427

The XInput extension in X.Org Xserver before 1.4.1 allows context-dependent attackers to execute arbitrary code via requests related to byte swapping and heap corruption within multiple functions, a different vulnerability than CVE-2007-4990. La extensión XInput de X.Org Xserver versiones anteriores a 1.4.1 permite a atacantes locales o remotos dependientes del contexto ejecutar código de su elección mediante peticiones relativas al intercambio de bytes y corrupción de cabecera dentro d múltiples funciones, vulnerabilidad distinta de CVE-2007-4990. • http://bugs.gentoo.org/show_bug.cgi?id=204362 http://docs.info.apple.com/article.html?artnum=307562 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01543321 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=643 http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html http://lists.freedesktop.org/archives/xorg/2008-January/031918.html http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00004.html http://lists.opensuse.org/ope • CWE-787: Out-of-bounds Write •