X X11 vulnerabilities

5 known vulnerabilities affecting x/x11.

Total CVEs
5
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL4MEDIUM1

Vulnerabilities

Page 1 of 1
CVE-2011-0465CRITICALCVSS 9.3≤ r7.6vr1+22 more2011-04-08
CVE-2011-0465 [CRITICAL] CWE-20 CVE-2011-0465: xrdb.c in xrdb before 1.0.9 in X.Org X11R7.6 and earlier allows remote attackers to execute arbitrar xrdb.c in xrdb before 1.0.9 in X.Org X11R7.6 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in a hostname obtained from a (1) DHCP or (2) XDMCP message.
nvd
CVE-2008-2360CRITICALCVSS 9.0vr7.32008-06-16
CVE-2008-2360 [CRITICAL] CWE-189 CVE-2008-2360: Integer overflow in the AllocateGlyph function in the Render extension in the X server 1.4 in X.Org Integer overflow in the AllocateGlyph function in the Render extension in the X server 1.4 in X.Org X11R7.3 allows context-dependent attackers to execute arbitrary code via unspecified request fields that are used to calculate a heap buffer size, which triggers a heap-based buffer overflow.
nvd
CVE-2008-2362CRITICALCVSS 10.0vr7.32008-06-16
CVE-2008-2362 [CRITICAL] CWE-189 CVE-2008-2362: Multiple integer overflows in the Render extension in the X server 1.4 in X.Org X11R7.3 allow contex Multiple integer overflows in the Render extension in the X server 1.4 in X.Org X11R7.3 allow context-dependent attackers to execute arbitrary code via a (1) SProcRenderCreateLinearGradient, (2) SProcRenderCreateRadialGradient, or (3) SProcRenderCreateConicalGradient request with an invalid field specifying the number of bytes to swap in the request
nvd
CVE-2008-1377CRITICALCVSS 9.0vr7.32008-06-16
CVE-2008-1377 [CRITICAL] CWE-189 CVE-2008-1377: The (1) SProcRecordCreateContext and (2) SProcRecordRegisterClients functions in the Record extensio The (1) SProcRecordCreateContext and (2) SProcRecordRegisterClients functions in the Record extension and the (3) SProcSecurityGenerateAuthorization function in the Security extension in the X server 1.4 in X.Org X11R7.3 allow context-dependent attackers to execute arbitrary code via requests with crafted length values that specify an arbitrary numb
nvd
CVE-2008-1379MEDIUMCVSS 6.8vr7.32008-06-16
CVE-2008-1379 [MEDIUM] CWE-189 CVE-2008-1379: Integer overflow in the fbShmPutImage function in the MIT-SHM extension in the X server 1.4 in X.Org Integer overflow in the fbShmPutImage function in the MIT-SHM extension in the X server 1.4 in X.Org X11R7.3 allows context-dependent attackers to read arbitrary process memory via crafted values for a Pixmap width and height.
nvd