Note:
This project will be discontinued after December 13, 2021. [more]
Product:
X11r6
(Xfree86_project)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 27 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2003-03-03 | CVE-2002-1472 | Untrusted search path vulnerability in libX11.so in xfree86, when used in setuid or setgid programs, allows local users to gain root privileges via a modified LD_PRELOAD environment variable that points to a malicious module. | X11r6 | N/A | ||
| 2002-12-11 | CVE-2002-1317 | Buffer overflow in Dispatch() routine for XFS font server (fs.auto) on Solaris 2.5.1 through 9 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a certain XFS query. | Hp\-Ux, Irix, Solaris, Sunos, X11r6 | N/A | ||
| 2001-07-17 | CVE-2001-1179 | xman allows local users to gain privileges by modifying the MANPATH to point to a man page whose filename contains shell metacharacters. | X11r6 | N/A | ||
| 2001-07-11 | CVE-2001-1178 | Buffer overflow in xman allows local users to gain privileges via a long MANPATH environment variable. | X11r6 | N/A | ||
| 2001-07-04 | CVE-2001-1086 | XDM in XFree86 3.3 and 3.3.3 generates easily guessable cookies using gettimeofday() when compiled with the HasXdmXauth option, which allows remote attackers to gain unauthorized access to the X display via a brute force attack. | X11r6 | N/A | ||
| 2001-09-22 | CVE-2001-0955 | Buffer overflow in fbglyph.c in XFree86 before 4.2.0, related to glyph clipping for large origins, allows attackers to cause a denial of service and possibly gain privileges via a large number of characters, possibly through the web page search form of KDE Konqueror or from an xterm command with a long title. | X11r6 | N/A | ||
| 2000-06-19 | CVE-2000-0620 | libX11 X library allows remote attackers to cause a denial of service via a resource mask of 0, which causes libX11 to go into an infinite loop. | X, X11r6 | N/A | ||
| 2000-06-19 | CVE-2000-0504 | libICE in XFree86 allows remote attackers to cause a denial of service by specifying a large value which is not properly checked by the SKIP_STRING macro. | Gdm, X, X11r6 | N/A | ||
| 2000-05-18 | CVE-2000-0453 | XFree86 3.3.x and 4.0 allows a user to cause a denial of service via a negative counter value in a malformed TCP packet that is sent to port 6000. | X11r6 | N/A | ||
| 2000-04-16 | CVE-2000-0285 | Buffer overflow in XFree86 3.3.x allows local users to execute arbitrary commands via a long -xkbmap parameter. | X11r6 | N/A |