Product:

Libx11

(X\.org)
Repositories

Unknown:

This might be proprietary software.

#Vulnerabilities 17
Date Id Summary Products Score Patch Annotated
2016-12-13 CVE-2016-7943 The XListFonts function in X.org libX11 before 1.6.4 might allow remote X servers to gain privileges via vectors involving length fields, which trigger out-of-bounds write operations. Fedora, Libx11 9.8
2018-08-24 CVE-2018-14598 An issue was discovered in XListExtensions in ListExt.c in libX11 through 1.6.5. A malicious server can send a reply in which the first string overflows, causing a variable to be set to NULL that will be freed later on, leading to DoS (segmentation fault). Ubuntu_linux, Debian_linux, Fedora, Libx11 7.5
2018-08-24 CVE-2018-14599 An issue was discovered in libX11 through 1.6.5. The function XListExtensions in ListExt.c is vulnerable to an off-by-one error caused by malicious server responses, leading to DoS or possibly unspecified other impact. Ubuntu_linux, Debian_linux, Fedora, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation, Libx11 9.8
2018-08-24 CVE-2018-14600 An issue was discovered in libX11 through 1.6.5. The function XListExtensions in ListExt.c interprets a variable as signed instead of unsigned, resulting in an out-of-bounds write (of up to 128 bytes), leading to DoS or remote code execution. Ubuntu_linux, Debian_linux, Libx11 9.8
2018-08-24 CVE-2018-14599 An issue was discovered in libX11 through 1.6.5. The function XListExtensions in ListExt.c is vulnerable to an off-by-one error caused by malicious server responses, leading to DoS or possibly unspecified other impact. Ubuntu_linux, Debian_linux, Fedora, Libx11 9.8
2018-08-24 CVE-2018-14598 An issue was discovered in XListExtensions in ListExt.c in libX11 through 1.6.5. A malicious server can send a reply in which the first string overflows, causing a variable to be set to NULL that will be freed later on, leading to DoS (segmentation fault). Ubuntu_linux, Debian_linux, Fedora, Libx11 7.5
2015-04-16 CVE-2013-7439 Multiple off-by-one errors in the (1) MakeBigReq and (2) SetReqLen macros in include/X11/Xlibint.h in X11R6.x and libX11 before 1.6.0 allow remote attackers to have unspecified impact via a crafted request, which triggers a buffer overflow. Ubuntu_linux, Debian_linux, Libx11, X11 N/A