Page 8 of 40 results (0.011 seconds)

CVSS: 6.5EPSS: 1%CPEs: 3EXPL: 0

CVE-2014-8102 – xorg-x11-server: out of bounds access due to not validating length or offset values in XFixes extension

https://notcve.org/view.php?id=CVE-2014-8102

The SProcXFixesSelectSelectionInput function in the XFixes extension in X.Org X Window System (aka X11 or X) X11R6.8.0 and X.Org Server (aka xserver and xorg-server) before 1.16.3 allows remote authenticated users to cause a denial of service (out-of-bounds read or write) or possibly execute arbitrary code via a crafted length value. La función SProcXFixesSelectSelectionInput en la extensión XFixes en X.Org X Window System (también conocido como X11 o X) X11R6.8.0 y X.Org Server (también conocido como xserver y xorg-server) anterior a 1.16.3 permite a usuarios remotos autenticados causar una denegación de servicio (lectura o escritura fuera de rango) o posiblemente ejecutar código arbitrario a través de un valor de longitud manipulado. Multiple out-of-bounds access flaws were found in the way the X.Org server calculated memory requirements for certain requests. A malicious, authenticated client could use either of these flaws to crash the X.Org server. • http://advisories.mageia.org/MGASA-2014-0532.html http://secunia.com/advisories/61947 http://secunia.com/advisories/62292 http://www.debian.org/security/2014/dsa-3095 http://www.mandriva.com/security/advisories?name=MDVSA-2015:119 http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html http://www.securityfocus.com/bid/71608& • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-125: Out-of-bounds Read •

CVSS: 7.4EPSS: 0%CPEs: 3EXPL: 0

CVE-2014-8093 – xorg-x11-server: integer overflow in GLX extension requests when calculating memory needs for requests

https://notcve.org/view.php?id=CVE-2014-8093

Multiple integer overflows in the GLX extension in XFree86 4.0, X.Org X Window System (aka X11 or X) X11R6.7, and X.Org Server (aka xserver and xorg-server) before 1.16.3 allow remote authenticated users to cause a denial of service (crash) or possibly execute arbitrary code via a crafted request to the (1) __glXDisp_ReadPixels, (2) __glXDispSwap_ReadPixels, (3) __glXDisp_GetTexImage, (4) __glXDispSwap_GetTexImage, (5) GetSeparableFilter, (6) GetConvolutionFilter, (7) GetHistogram, (8) GetMinmax, (9) GetColorTable, (10) __glXGetAnswerBuffer, (11) __GLX_GET_ANSWER_BUFFER, (12) __glXMap1dReqSize, (13) __glXMap1fReqSize, (14) Map2Size, (15) __glXMap2dReqSize, (16) __glXMap2fReqSize, (17) __glXImageSize, or (18) __glXSeparableFilter2DReqSize function, which triggers an out-of-bounds read or write. Múltiples desbordamientos de enteros en la extensión GLX en XFree86 4.0, X.Org X Window System (también conocido como X11 o X) X11R6.7, y X.Org Server (también conocido como xserver y xorg-server) anterior a 1.16.3 permiten a usuarios remotos autenticados causar una denegación de servicio (caída) o posiblemente ejecutar código arbitrario a través de una solicitud manipulada en la función (1) __glXDisp_ReadPixels, (2) __glXDispSwap_ReadPixels, (3) __glXDisp_GetTexImage, (4) __glXDispSwap_GetTexImage, (5) GetSeparableFilter, (6) GetConvolutionFilter, (7) GetHistogram, (8) GetMinmax, (9) GetColorTable, (10) __glXGetAnswerBuffer, (11) __GLX_GET_ANSWER_BUFFER, (12) __glXMap1dReqSize, (13) __glXMap1fReqSize, (14) Map2Size, (15) __glXMap2dReqSize, (16) __glXMap2fReqSize, (17) __glXImageSize, o (18) __glXSeparableFilter2DReqSize, lo que provoca una lectura o escritura fuera de rango. Multiple integer overflow flaws were found in the way the X.Org server calculated memory requirements for certain GLX extension requests. A malicious, authenticated client could use either of these flaws to crash the X.Org server or, potentially, execute arbitrary code with root privileges. • http://advisories.mageia.org/MGASA-2014-0532.html http://nvidia.custhelp.com/app/answers/detail/a_id/3610 http://secunia.com/advisories/61947 http://secunia.com/advisories/62292 http://www.debian.org/security/2014/dsa-3095 http://www.mandriva.com/security/advisories?name=MDVSA-2015:119 http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html http://www.securityfocus.com/bid/71596 http:/&#x • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 6.5EPSS: 1%CPEs: 3EXPL: 0

CVE-2014-8101 – xorg-x11-server: out of bounds access due to not validating length or offset values in RandR extension

https://notcve.org/view.php?id=CVE-2014-8101

The RandR extension in XFree86 4.2.0, X.Org X Window System (aka X11 or X) X11R6.7, and X.Org Server (aka xserver and xorg-server) before 1.16.3 allows remote authenticated users to cause a denial of service (out-of-bounds read or write) or possibly execute arbitrary code via a crafted length or index value to the (1) SProcRRQueryVersion, (2) SProcRRGetScreenInfo, (3) SProcRRSelectInput, or (4) SProcRRConfigureOutputProperty function. La extensión RandR en XFree86 4.2.0, X.Org X Window System (también conocido como X11 o X) X11R6.7, y X.Org Server (también conocido como xserver y xorg-server) anterior a 1.16.3 permite a usuarios remotos autenticados causar una denegación de servicio (lectura o escritura fuera de rango) o posiblemente ejecutar código arbitrario a través de una longitud manipulada o un valor de indice manipulado en la función (1) SProcRRQueryVersion, (2) SProcRRGetScreenInfo, (3) SProcRRSelectInput, o (4) SProcRRConfigureOutputProperty. Multiple out-of-bounds access flaws were found in the way the X.Org server calculated memory requirements for certain requests. A malicious, authenticated client could use either of these flaws to crash the X.Org server. • http://advisories.mageia.org/MGASA-2014-0532.html http://secunia.com/advisories/61947 http://secunia.com/advisories/62292 http://www.debian.org/security/2014/dsa-3095 http://www.mandriva.com/security/advisories?name=MDVSA-2015:119 http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html http://www.securityfocus.com/bid/71605 http://www.x.org/wiki/Development/Security/Advisory-2014-12-09 https • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-125: Out-of-bounds Read •

CVSS: 4.3EPSS: 6%CPEs: 2EXPL: 0

CVE-2014-8091 – xorg-x11-server: denial of service due to unchecked malloc in client authentication

https://notcve.org/view.php?id=CVE-2014-8091

X.Org X Window System (aka X11 and X) X11R5 and X.Org Server (aka xserver and xorg-server) before 1.16.3, when using SUN-DES-1 (Secure RPC) authentication credentials, does not check the return value of a malloc call, which allows remote attackers to cause a denial of service (NULL pointer dereference and server crash) via a crafted connection request. X.Org X Window System (también conocido como X11 and X) X11R5 y X.Org Server (también conocido como xserver y xorg-server) anterior a 1.16.3, cuando utiliza las credenciales de autenticación SUN-DES-1 (Secure RPC), no compreuba el valor de retorno de una llamada malloc, lo que permite a atacantes remotos causar una denegación de servicio (referencia a puntero nulo y caída de servidor) a través de una solicitud de conexión manipulada. It was found that the X.Org server did not properly handle SUN-DES-1 (Secure RPC) authentication credentials. A malicious, unauthenticated client could use this flaw to crash the X.Org server by submitting a specially crafted authentication request. • http://advisories.mageia.org/MGASA-2014-0532.html http://secunia.com/advisories/61947 http://secunia.com/advisories/62292 http://www.debian.org/security/2014/dsa-3095 http://www.mandriva.com/security/advisories?name=MDVSA-2015:119 http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html http://www.securityfocus.com/bid/71597& • CWE-252: Unchecked Return Value •

CVSS: 4.3EPSS: 0%CPEs: 5EXPL: 0

CVE-2007-4730 – X.org composite extension buffer overflow

https://notcve.org/view.php?id=CVE-2007-4730

Buffer overflow in the compNewPixmap function in compalloc.c in the Composite extension for the X.org X11 server before 1.4 allows local users to execute arbitrary code by copying data from a large pixel depth pixmap into a smaller pixel depth pixmap. Desbordamiento de búfer en la función compNewPixmap de compalloc.c en la extensión Composite para el servidor X11 X.org anterior a 1.4 permite a usuarios locales ejecutar código de su elección copiando datos de un mapa de píxeles con gran profundidad de píxel (pixel depth) a un mapa con profundidad menor. • http://bugs.freedesktop.org/show_bug.cgi?id=7447 http://bugs.gentoo.org/show_bug.cgi?id=191964 http://lists.freedesktop.org/archives/xorg-announce/2007-September/000378.html http://osvdb.org/37726 http://secunia.com/advisories/26743 http://secunia.com/advisories/26755 http://secunia.com/advisories/26763 http://secunia.com/advisories/26823 http://secunia.com/advisories/26859 http://secunia.com/advisories/26897 http://secunia.com/advisories/27147 http://secunia.com/adviso • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •