CVSS: 9.8EPSS: 1%CPEs: 3EXPL: 0CVE-2016-5407 – Ubuntu Security Notice USN-5449-1
https://notcve.org/view.php?id=CVE-2016-5407
01 Nov 2016 — The (1) XvQueryAdaptors and (2) XvQueryEncodings functions in X.org libXv before 1.0.11 allow remote X servers to trigger out-of-bounds memory access operations via vectors involving length specifications in received data. Las funciones (1) XvQueryAdaptors y (2) XvQueryEncodings en X.org libXv en versiones anteriores a 1.0.11 permiten a servidores remotos X para desencadenar operaciones de acceso a memoria fuera de rango a través de vectores que involucran especificaciones de longitud en los datos recibidos... • http://www.openwall.com/lists/oss-security/2016/10/04/2 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-125: Out-of-bounds Read •
CVSS: 9.8EPSS: 0%CPEs: 3EXPL: 0CVE-2016-7944 – Ubuntu Security Notice USN-5437-1
https://notcve.org/view.php?id=CVE-2016-7944
01 Nov 2016 — Integer overflow in X.org libXfixes before 5.0.3 on 32-bit platforms might allow remote X servers to gain privileges via a length value of INT_MAX, which triggers the client to stop reading data and get out of sync. Desbordamiento de entero en X.org libXfixes en versiones anteriores a 5.0.3 en plataformas 32-bit podría permitir a servidores remotos X obtener privilegios a través de un valor de longitud de INT_MAX, que desencadena que el cliente pare la lectura de datos y salga de la sincronización. Tobias S... • http://www.openwall.com/lists/oss-security/2016/10/04/2 • CWE-190: Integer Overflow or Wraparound CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.5EPSS: 1%CPEs: 3EXPL: 0CVE-2016-7945 – Ubuntu Security Notice USN-5646-1
https://notcve.org/view.php?id=CVE-2016-7945
01 Nov 2016 — Multiple integer overflows in X.org libXi before 1.7.7 allow remote X servers to cause a denial of service (out-of-bounds memory access or infinite loop) via vectors involving length fields. Múltiples desbordamientos de entero en X.org libXi en versiones anteriores a 1.7.7 permite a servidores remotos X provocar una denegación de servicio (acceso de memoria fuera de datos o bucle infinito) a través de vectores que involucran campos de longitud. Tobias Stoeckmann discovered that libXi did not properly manage... • http://www.openwall.com/lists/oss-security/2016/10/04/2 • CWE-125: Out-of-bounds Read CWE-190: Integer Overflow or Wraparound •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2016-7946 – Gentoo Linux Security Advisory 201704-03
https://notcve.org/view.php?id=CVE-2016-7946
01 Nov 2016 — X.org libXi before 1.7.7 allows remote X servers to cause a denial of service (infinite loop) via vectors involving length fields. X.org libXi en versiones anteriores a 1.7.7 permite a servidores remotos X provocar una denegación de servicio (bucle infinito) a través de vectores que involucran campos de longitud. Multiple vulnerabilities have been found in X.Org server and libraries, the worse of which allowing local attackers to execute arbitrary code. Versions less than 1.19.2 are affected. • http://www.openwall.com/lists/oss-security/2016/10/04/2 • CWE-284: Improper Access Control •
CVSS: 9.8EPSS: 2%CPEs: 3EXPL: 0CVE-2016-7947 – Ubuntu Security Notice USN-5428-1
https://notcve.org/view.php?id=CVE-2016-7947
01 Nov 2016 — Multiple integer overflows in X.org libXrandr before 1.5.1 allow remote X servers to trigger out-of-bounds write operations via a crafted response. Múltiples desbordamientos de entero en X.org libXrandr en versiones anteriores a 1.5.1 permiten a servidores remotos X desencadenar operaciones de escritura fuera de límites a través de una respuesta manipulada. Tobias Stoeckmann discovered that libXrandr incorrectly handled certain responses. An attacker could possibly use this issue to cause a denial of servic... • http://www.openwall.com/lists/oss-security/2016/10/04/2 • CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 2%CPEs: 3EXPL: 0CVE-2016-7948 – Gentoo Linux Security Advisory 201704-03
https://notcve.org/view.php?id=CVE-2016-7948
01 Nov 2016 — X.org libXrandr before 1.5.1 allows remote X servers to trigger out-of-bounds write operations by leveraging mishandling of reply data. X.org libXrandr en versiones anteriores a 1.5.1 permite a servidores remotos X desencadenar operaciones de escritura fuera de límites aprovechando el manejo incorrecto de datos de respuesta. Multiple vulnerabilities have been found in X.Org server and libraries, the worse of which allowing local attackers to execute arbitrary code. Versions less than 1.19.2 are affected. • http://www.openwall.com/lists/oss-security/2016/10/04/2 • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 4%CPEs: 3EXPL: 0CVE-2016-7949 – Ubuntu Security Notice USN-5436-1
https://notcve.org/view.php?id=CVE-2016-7949
01 Nov 2016 — Multiple buffer overflows in the (1) XvQueryAdaptors and (2) XvQueryEncodings functions in X.org libXrender before 0.9.10 allow remote X servers to trigger out-of-bounds write operations via vectors involving length fields. Múltiples desbordamientos de búfer en las funciones (1) XvQueryAdaptors y (2) XvQueryEncodings en X.org libXrender en versiones anteriores a 0.9.10 permite a servidores remotos X desencadenar operaciones de escritura fuera de límites a través de vectores que involucran campos de longitud... • http://www.openwall.com/lists/oss-security/2016/10/04/2 • CWE-20: Improper Input Validation CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 3EXPL: 0CVE-2016-7950 – Gentoo Linux Security Advisory 201704-03
https://notcve.org/view.php?id=CVE-2016-7950
01 Nov 2016 — The XRenderQueryFilters function in X.org libXrender before 0.9.10 allows remote X servers to trigger out-of-bounds write operations via vectors involving filter name lengths. La función XRenderQueryFilters en X.org libXrender en versiones anteriores a 0.9.10 permite a servidores remotos X desencadenar operaciones de escritura fuera de límites a través de vectores que involucran la longitud de los nombres de filtro. Multiple vulnerabilities have been found in X.Org server and libraries, the worse of which a... • http://www.openwall.com/lists/oss-security/2016/10/04/2 • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 3EXPL: 0CVE-2016-7951 – Slackware Security Advisory - x11 Updates
https://notcve.org/view.php?id=CVE-2016-7951
01 Nov 2016 — Multiple integer overflows in X.org libXtst before 1.2.3 allow remote X servers to trigger out-of-bounds memory access operations by leveraging the lack of range checks. Múltiples desbordamientos de entero en X.org libXtst en versiones anteriores a 1.2.3 permiten a servidores remotos X desencadenar operaciones de acceso a memoria fuera de límites aprovechando la falta de controles de alcance. New x11 packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, 14.2, and -current to fix security issue... • http://www.openwall.com/lists/oss-security/2016/10/04/2 • CWE-125: Out-of-bounds Read CWE-190: Integer Overflow or Wraparound •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2016-7952 – Slackware Security Advisory - x11 Updates
https://notcve.org/view.php?id=CVE-2016-7952
01 Nov 2016 — X.org libXtst before 1.2.3 allows remote X servers to cause a denial of service (infinite loop) via a reply in the (1) XRecordStartOfData, (2) XRecordEndOfData, or (3) XRecordClientDied category without a client sequence and with attached data. X.org libXtst en versiones anteriores a 1.2.3 permite a servidores remotos X provocar una denegación de servicio (bucle infinito) a través de una respuesta en la categoría (1) XRecordStartOfData, (2) XRecordEndOfData o (3) XRecordClientDied sin una secuencia cliente ... • http://www.openwall.com/lists/oss-security/2016/10/04/2 • CWE-20: Improper Input Validation CWE-284: Improper Access Control •