~/products/debian/xorg-server

pipeline liveDigest Docs

Debian Xorg-Server vulnerabilities

126 known vulnerabilities affecting debian/xorg-server.

Total CVEs

126

CISA KEV

0

Public exploits

5

Exploited in wild

1

Severity breakdown

CRITICAL20HIGH56MEDIUM35LOW15

Vulnerabilities

Page 7 of 7

CVE-2006-6102CRITICALCVSS 10.0fixed in xorg-server 2:1.1.1-15 (bookworm)2006

CVE-2006-6102 [CRITICAL] CVE-2006-6102: xorg-server - Integer overflow in the ProcDbeGetVisualInfo function in the DBE extension for X... Integer overflow in the ProcDbeGetVisualInfo function in the DBE extension for X.Org 6.8.2, 6.9.0, 7.0, and 7.1, and XFree86 X server, allows local users to execute arbitrary code via a crafted X protocol request that triggers memory corruption during processing of unspecified data structures. Scope: local bookworm: resolved (fixed in 2:1.1.1-15) bullseye: res

CVE-2006-6103MEDIUMCVSS 6.6fixed in xorg-server 2:1.1.1-15 (bookworm)2006

CVE-2006-6103 [MEDIUM] CVE-2006-6103: xorg-server - Integer overflow in the ProcDbeSwapBuffers function in the DBE extension for X.O... Integer overflow in the ProcDbeSwapBuffers function in the DBE extension for X.Org 6.8.2, 6.9.0, 7.0, and 7.1, and XFree86 X server, allows local users to execute arbitrary code via a crafted X protocol request that triggers memory corruption during processing of unspecified data structures. Scope: local bookworm: resolved (fixed in 2:1.1.1-15) bullseye: resolve

CVE-2006-6101MEDIUMCVSS 6.6fixed in xorg-server 2:1.1.1-15 (bookworm)2006

CVE-2006-6101 [MEDIUM] CVE-2006-6101: xorg-server - Integer overflow in the ProcRenderAddGlyphs function in the Render extension for... Integer overflow in the ProcRenderAddGlyphs function in the Render extension for X.Org 6.8.2, 6.9.0, 7.0, and 7.1, and XFree86 X server, allows local users to execute arbitrary code via a crafted X protocol request that triggers memory corruption during processing of glyph management data structures. Scope: local bookworm: resolved (fixed in 2:1.1.1-15) bullseye

CVE-2006-0745MEDIUMCVSS 7.2PoCfixed in xorg-server 1:1.0.2-1 (bookworm)2006

CVE-2006-0745 [HIGH] CVE-2006-0745: xorg-server - X.Org server (xorg-server) 1.0.0 and later, X11R6.9.0, and X11R7.0 inadvertently... X.Org server (xorg-server) 1.0.0 and later, X11R6.9.0, and X11R7.0 inadvertently treats the address of the geteuid function as if it is the return value of a call to geteuid, which allows local users to bypass intended restrictions and (1) execute arbitrary code via the -modulepath command line option or (2) overwrite arbitrary files via -logfile. Scope: local boo

CVE-2006-1526LOWCVSS 2.1fixed in xorg-server 1:1.0.2-8 (bookworm)2006

CVE-2006-1526 [LOW] CVE-2006-1526: xorg-server - Buffer overflow in the X render (Xrender) extension in X.org X server 6.8.0 up t... Buffer overflow in the X render (Xrender) extension in X.org X server 6.8.0 up to allows attackers to cause a denial of service (crash), as demonstrated by the (1) XRenderCompositeTriStrip and (2) XRenderCompositeTriFan requests in the rendertest from XCB xcb/xcb-demo, which leads to an incorrect memory allocation due to a typo in an expression that uses a "&" inst

CVE-2006-4447LOWCVSS 7.2fixed in libx11 2:1.0.0-7 (bookworm)2006

CVE-2006-4447 [HIGH] CVE-2006-4447: libx11 - X.Org and XFree86, including libX11, xdm, xf86dga, xinit, xload, xtrans, and xte... X.Org and XFree86, including libX11, xdm, xf86dga, xinit, xload, xtrans, and xterm, does not check the return values for setuid and seteuid calls when attempting to drop privileges, which might allow local users to gain privileges by causing those calls to fail, such as by exceeding a ulimit. Scope: local bookworm: resolved (fixed in 2:1.0.0-7) bullseye: resolved (fixe

← Previous7 / 7