Xserver

xserver

Vendor: X.org • 6 CVEs

CVEs (6)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2008-0006 2Sun X.org 3Solaris Libfont Solaris LibxfontXserver Apr 23, 2026 Jan 18, 2008 N/A· v4 N/A· v3 7.5 HIGH· v2 Buffer overflow in (1) X.Org Xserver before 1.4.1, and (2) the libfont and libXfont libraries on some platforms including Sun Solaris, allows context-dependent attackers to execute arbitrary code via a PCF font with a la...Show more Buffer overflow in (1) X.Org Xserver before 1.4.1, and (2) the libfont and libXfont libraries on some platforms including Sun Solaris, allows context-dependent attackers to execute arbitrary code via a PCF font with a large difference between the last col and first col values in the PCF_BDF_ENCODINGS table.Show less
CVE-2007-6429 1X.org 3Evi Mit ShmXserver Apr 23, 2026 Jan 18, 2008 N/A· v4 N/A· v3 9.3 HIGH· v2 Multiple integer overflows in X.Org Xserver before 1.4.1 allow context-dependent attackers to execute arbitrary code via (1) a GetVisualInfo request containing a 32-bit value that is improperly used to calculate an amoun...Show more Multiple integer overflows in X.Org Xserver before 1.4.1 allow context-dependent attackers to execute arbitrary code via (1) a GetVisualInfo request containing a 32-bit value that is improperly used to calculate an amount of memory for allocation by the EVI extension, or (2) a request containing values related to pixmap size that are improperly used in management of shared memory by the MIT-SHM extension.Show less
CVE-2007-6428 1X.org 2Tog Cup Xserver Apr 23, 2026 Jan 18, 2008 N/A· v4 N/A· v3 5.0 MEDIUM· v2 The ProcGetReservedColormapEntries function in the TOG-CUP extension in X.Org Xserver before 1.4.1 allows context-dependent attackers to read the contents of arbitrary memory locations via a request containing a 32-bit v...Show more The ProcGetReservedColormapEntries function in the TOG-CUP extension in X.Org Xserver before 1.4.1 allows context-dependent attackers to read the contents of arbitrary memory locations via a request containing a 32-bit value that is improperly used as an array index.Show less
CVE-2007-5958 1X.org 1Xserver Apr 23, 2026 Jan 18, 2008 N/A· v4 N/A· v3 5.0 MEDIUM· v2 X.Org Xserver before 1.4.1 allows local users to determine the existence of arbitrary files via a filename argument in the -sp option to the X program, which produces different error messages depending on whether the fil...Show more X.Org Xserver before 1.4.1 allows local users to determine the existence of arbitrary files via a filename argument in the -sp option to the X program, which produces different error messages depending on whether the filename exists.Show less
CVE-2007-5760 2X.org Xfree86 Project 2Xfree86 Misc Xserver Apr 23, 2026 Jan 18, 2008 N/A· v4 N/A· v3 9.3 HIGH· v2 Array index error in the XFree86-Misc extension in X.Org Xserver before 1.4.1 allows context-dependent attackers to execute arbitrary code via a PassMessage request containing a large array index.
CVE-2007-2437 1X.org 2X Window System Xserver Apr 23, 2026 May 2, 2007 N/A· v4 N/A· v3 5.5 MEDIUM· v2 The X render (Xrender) extension in X.org X Window System 7.0, 7.1, and 7.2, with Xserver 1.3.0 and earlier, allows remote authenticated users to cause a denial of service (daemon crash) via crafted values to the (1) XRe...Show more The X render (Xrender) extension in X.org X Window System 7.0, 7.1, and 7.2, with Xserver 1.3.0 and earlier, allows remote authenticated users to cause a denial of service (daemon crash) via crafted values to the (1) XRenderCompositeTrapezoids and (2) XRenderAddTraps functions, which trigger a divide-by-zero error.Show less