Note:
This project will be discontinued after December 13, 2021. [more]
Product:
X11r6
(Xfree86_project)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 27 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2004-03-03 | CVE-2004-0084 | Buffer overflow in the ReadFontAlias function in XFree86 4.1.0 to 4.3.0, when using the CopyISOLatin1Lowered function, allows local or remote authenticated users to execute arbitrary code via a malformed entry in the font alias (font.alias) file, a different vulnerability than CVE-2004-0083 and CVE-2004-0106. | Openbsd, X11r6 | N/A | ||
| 2004-03-03 | CVE-2004-0083 | Buffer overflow in ReadFontAlias from dirfile.c of XFree86 4.1.0 through 4.3.0 allows local users and remote attackers to execute arbitrary code via a font alias file (font.alias) with a long token, a different vulnerability than CVE-2004-0084 and CVE-2004-0106. | Openbsd, X11r6 | N/A | ||
| 2003-10-20 | CVE-2003-0730 | Multiple integer overflows in the font libraries for XFree86 4.3.0 allow local or remote attackers to cause a denial of service or execute arbitrary code via heap-based and stack-based buffer overflow attacks. | Netbsd, X11r6 | N/A | ||
| 2003-03-03 | CVE-2003-0071 | The DEC UDK processing feature in the xterm terminal emulator in XFree86 4.2.99.4 and earlier allows attackers to cause a denial of service via a certain character escape sequence that causes the terminal to enter a tight loop. | X11r6 | N/A | ||
| 2003-03-03 | CVE-2003-0063 | The xterm terminal emulator in XFree86 4.2.0 and earlier allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary commands. | X11r6 | N/A | ||
| 2003-03-03 | CVE-2002-1510 | xdm, with the authComplain variable set to false, allows arbitrary attackers to connect to the X server if the xdm auth directory does not exist. | X11r6 | N/A | ||
| 2003-03-03 | CVE-2002-1472 | Untrusted search path vulnerability in libX11.so in xfree86, when used in setuid or setgid programs, allows local users to gain root privileges via a modified LD_PRELOAD environment variable that points to a malicious module. | X11r6 | N/A | ||
| 2002-12-11 | CVE-2002-1317 | Buffer overflow in Dispatch() routine for XFS font server (fs.auto) on Solaris 2.5.1 through 9 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a certain XFS query. | Hp\-Ux, Irix, Solaris, Sunos, X11r6 | N/A | ||
| 2001-07-17 | CVE-2001-1179 | xman allows local users to gain privileges by modifying the MANPATH to point to a man page whose filename contains shell metacharacters. | X11r6 | N/A | ||
| 2001-07-11 | CVE-2001-1178 | Buffer overflow in xman allows local users to gain privileges via a long MANPATH environment variable. | X11r6 | N/A |