CVE-2014-8092 – xorg-x11-server: integer overflow in X11 core protocol requests when calculating memory needs for requests
https://notcve.org/view.php?id=CVE-2014-8092
Multiple integer overflows in X.Org X Window System (aka X11 or X) X11R1 and X.Org Server (aka xserver and xorg-server) before 1.16.3 allow remote authenticated users to cause a denial of service (crash) or possibly execute arbitrary code via a crafted request to the (1) ProcPutImage, (2) GetHosts, (3) RegionSizeof, or (4) REQUEST_FIXED_SIZE function, which triggers an out-of-bounds read or write. Múltiples desbordamientos de enteros en X.Org X Window System (también conocido como X11 o X) X11R1 y X.Org Server (también conocido como xserver y xorg-server) anterior a 1.16.3 permiten a usuarios remotos autenticados causar una denegación de servicio (caída) o posiblemente ejecutar código arbitrario a través de una solicitud manipulada en la función (1) ProcPutImage, (2) GetHosts, (3) RegionSizeof, o (4) REQUEST_FIXED_SIZE, lo que provoca una lectura o escritura fuera de rango. Multiple integer overflow flaws were found in the way the X.Org server calculated memory requirements for certain X11 core protocol requests. A malicious, authenticated client could use either of these flaws to crash the X.Org server or, potentially, execute arbitrary code with root privileges. • http://advisories.mageia.org/MGASA-2014-0532.html http://secunia.com/advisories/61947 http://secunia.com/advisories/62292 http://www.debian.org/security/2014/dsa-3095 http://www.mandriva.com/security/advisories?name=MDVSA-2015:119 http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html http://www.oracle.com/technetwork/ • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2011-0465 – xorg: xrdb code execution via crafted X client hostname
https://notcve.org/view.php?id=CVE-2011-0465
xrdb.c in xrdb before 1.0.9 in X.Org X11R7.6 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in a hostname obtained from a (1) DHCP or (2) XDMCP message. xrdb.c en xrdb anterior a v1.0.9 en X.Org X11R7.6 y anteriores permite a atacantes remotos ejecutar comandos arbitrarios mediante metacaracteres en un hostname obtenido de un mensaje (1) DHCP o (2) XDMCP. • http://cgit.freedesktop.org/xorg/app/xrdb/commit/?id=1027d5df07398c1507fb1fe3a9981aa6b4bc3a56 http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057928.html http://lists.freedesktop.org/archives/xorg-announce/2011-April/001635.html http://lists.freedesktop.org/archives/xorg-announce/2011-April/001636.html http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00002.html http://secunia.com/advisories/44010 http://secunia.com/advisories/44012 http://secunia.com/advisories/44040 http • CWE-20: Improper Input Validation •