Debian Xorg vulnerabilities
3 known vulnerabilities affecting debian/xorg.
Total CVEs
3
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
HIGH1LOW2
Vulnerabilities
Page 1 of 1
CVE-2011-4613P4LOWCVSS 4.6PoCfixed in xorg 1:7.6+10 (bookworm)2011
CVE-2011-4613 [MEDIUM] CVE-2011-4613: xorg - The X.Org X wrapper (xserver-wrapper.c) in Debian GNU/Linux and Ubuntu Linux doe...
The X.Org X wrapper (xserver-wrapper.c) in Debian GNU/Linux and Ubuntu Linux does not properly verify the TTY of a user who is starting X, which allows local users to bypass intended access restrictions by associating stdin with a file that is misinterpreted as the console TTY.
Scope: local
bookworm: resolved (fixed in 1:7.6+10)
bullseye: resolved (fixed in 1:7.6+10)
f
debian
CVE-2012-1093P3HIGHCVSS 7.8fixed in xorg 1:7.6+12 (bookworm)2012
CVE-2012-1093 [HIGH] CVE-2012-1093: xorg - The init script in the Debian x11-common package before 1:7.6+12 is vulnerable t...
The init script in the Debian x11-common package before 1:7.6+12 is vulnerable to a symlink attack that can lead to a privilege escalation during package installation.
Scope: local
bookworm: resolved (fixed in 1:7.6+12)
bullseye: resolved (fixed in 1:7.6+12)
forky: resolved (fixed in 1:7.6+12)
sid: resolved (fixed in 1:7.6+12)
trixie: resolved (fixed in 1:7.6+12)
debian
CVE-2006-5214P4LOWCVSS 1.2fixed in xdm 1:1.0.5-1 (bookworm)2006
CVE-2006-5214 [LOW] CVE-2006-5214: xdm - Race condition in the Xsession script, as used by X Display Manager (xdm) in Net...
Race condition in the Xsession script, as used by X Display Manager (xdm) in NetBSD before 20060212, X.Org before 20060225, and Solaris 8 through 10 before 20061006, causes a user's Xsession errors file to have weak permissions before a chmod is performed, which allows local users to read Xsession errors files of other users.
Scope: local
bookworm: resolved (fixed in 1:1.0
debian