Product:

Libx11

(X\.org)
Repositories

Unknown:

This might be proprietary software.

#Vulnerabilities 10
Date ID Summary Products Score Patch
2018-08-24 CVE-2018-14600 An issue was discovered in libX11 through 1.6.5. The function XListExtensions in ListExt.c interprets a variable as signed instead of unsigned, resulting in an out-of-bounds write (of up to 128 bytes), leading to DoS or remote code execution. Ubuntu_linux, Debian_linux, Libx11 9.8
2018-08-24 CVE-2018-14599 An issue was discovered in libX11 through 1.6.5. The function XListExtensions in ListExt.c is vulnerable to an off-by-one error caused by malicious server responses, leading to DoS or possibly unspecified other impact. Ubuntu_linux, Debian_linux, Fedora, Libx11 9.8
2018-08-24 CVE-2018-14598 An issue was discovered in XListExtensions in ListExt.c in libX11 through 1.6.5. A malicious server can send a reply in which the first string overflows, causing a variable to be set to NULL that will be freed later on, leading to DoS (segmentation fault). Ubuntu_linux, Debian_linux, Fedora, Libx11 7.5
2018-08-24 CVE-2018-14599 An issue was discovered in libX11 through 1.6.5. The function XListExtensions in ListExt.c is vulnerable to an off-by-one error caused by malicious server responses, leading to DoS or possibly unspecified other impact. Ubuntu_linux, Debian_linux, Fedora, Libx11 9.8
2018-08-24 CVE-2018-14598 An issue was discovered in XListExtensions in ListExt.c in libX11 through 1.6.5. A malicious server can send a reply in which the first string overflows, causing a variable to be set to NULL that will be freed later on, leading to DoS (segmentation fault). Ubuntu_linux, Debian_linux, Fedora, Libx11 7.5
2016-12-13 CVE-2016-7943 The XListFonts function in X.org libX11 before 1.6.4 might allow remote X servers to gain privileges via vectors involving length fields, which trigger out-of-bounds write operations. Fedora, Libx11 9.8
2016-12-13 CVE-2016-7942 The XGetImage function in X.org libX11 before 1.6.4 might allow remote X servers to gain privileges via vectors involving image type and geometry, which triggers out-of-bounds read operations. Fedora, Libx11 9.8
2015-04-16 CVE-2013-7439 Multiple off-by-one errors in the (1) MakeBigReq and (2) SetReqLen macros in include/X11/Xlibint.h in X11R6.x and libX11 before 1.6.0 allow remote attackers to have unspecified impact via a crafted request, which triggers a buffer overflow. Ubuntu_linux, Debian_linux, Libx11, X11 N/A
2007-03-24 CVE-2007-1667 Multiple integer overflows in (1) the XGetPixel function in ImUtil.c in X.Org libx11 before 1.0.3, and (2) XInitImage function in xwd.c for ImageMagick, allow user-assisted remote attackers to cause a denial of service (crash) or obtain sensitive information via crafted images with large or negative values that trigger a buffer overflow. Imagemagick, Libx11 N/A
2006-11-02 CVE-2006-5397 The Xinput module (modules/im/ximcp/imLcIm.c) in X.Org libX11 1.0.2 and 1.0.3 opens a file for reading twice using the same file descriptor, which causes a file descriptor leak that allows local users to read files specified by the XCOMPOSEFILE environment variable via the duplicate file descriptor. Libx11 N/A