cbcvebase.

Debian Xorg vulnerabilities

3 known vulnerabilities affecting debian/xorg.

Total CVEs
3
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
HIGH1LOW2

Vulnerabilities

Page 1 of 1
CVE-2011-4613P4LOWCVSS 4.6PoCfixed in xorg 1:7.6+10 (bookworm)2011
CVE-2011-4613 [MEDIUM] CVE-2011-4613: xorg - The X.Org X wrapper (xserver-wrapper.c) in Debian GNU/Linux and Ubuntu Linux doe... The X.Org X wrapper (xserver-wrapper.c) in Debian GNU/Linux and Ubuntu Linux does not properly verify the TTY of a user who is starting X, which allows local users to bypass intended access restrictions by associating stdin with a file that is misinterpreted as the console TTY. Scope: local bookworm: resolved (fixed in 1:7.6+10) bullseye: resolved (fixed in 1:7.6+10) f
debian
CVE-2012-1093P3HIGHCVSS 7.8fixed in xorg 1:7.6+12 (bookworm)2012
CVE-2012-1093 [HIGH] CVE-2012-1093: xorg - The init script in the Debian x11-common package before 1:7.6+12 is vulnerable t... The init script in the Debian x11-common package before 1:7.6+12 is vulnerable to a symlink attack that can lead to a privilege escalation during package installation. Scope: local bookworm: resolved (fixed in 1:7.6+12) bullseye: resolved (fixed in 1:7.6+12) forky: resolved (fixed in 1:7.6+12) sid: resolved (fixed in 1:7.6+12) trixie: resolved (fixed in 1:7.6+12)
debian
CVE-2006-5214P4LOWCVSS 1.2fixed in xdm 1:1.0.5-1 (bookworm)2006
CVE-2006-5214 [LOW] CVE-2006-5214: xdm - Race condition in the Xsession script, as used by X Display Manager (xdm) in Net... Race condition in the Xsession script, as used by X Display Manager (xdm) in NetBSD before 20060212, X.Org before 20060225, and Solaris 8 through 10 before 20061006, causes a user's Xsession errors file to have weak permissions before a chmod is performed, which allows local users to read Xsession errors files of other users. Scope: local bookworm: resolved (fixed in 1:1.0
debian
Debian Xorg vulnerabilities | cvebase