CVE-2003-0730
- EPSS 5.43%
- Veröffentlicht 20.10.2003 04:00:00
- Zuletzt bearbeitet 16.06.2026 22:02:43
Multiple integer overflows in the font libraries for XFree86 4.3.0 allow local or remote attackers to cause a denial of service or execute arbitrary code via heap-based and stack-based buffer overflow attacks.
- EPSS 1.97%
- Veröffentlicht 03.03.2003 05:00:00
- Zuletzt bearbeitet 16.06.2026 21:59:27
xdm, with the authComplain variable set to false, allows arbitrary attackers to connect to the X server if the xdm auth directory does not exist.
CVE-2003-0071
- EPSS 0.45%
- Veröffentlicht 03.03.2003 05:00:00
- Zuletzt bearbeitet 16.06.2026 22:01:27
The DEC UDK processing feature in the xterm terminal emulator in XFree86 4.2.99.4 and earlier allows attackers to cause a denial of service via a certain character escape sequence that causes the terminal to enter a tight loop.
CVE-2003-0063
- EPSS 3.4%
- Veröffentlicht 03.03.2003 05:00:00
- Zuletzt bearbeitet 16.06.2026 22:01:26
The xterm terminal emulator in XFree86 4.2.0 and earlier allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containin...
CVE-2002-1472
- EPSS 0.37%
- Veröffentlicht 03.03.2003 05:00:00
- Zuletzt bearbeitet 16.06.2026 21:59:23
Untrusted search path vulnerability in libX11.so in xfree86, when used in setuid or setgid programs, allows local users to gain root privileges via a modified LD_PRELOAD environment variable that points to a malicious module.
CVE-2002-1317
- EPSS 24.03%
- Veröffentlicht 11.12.2002 05:00:00
- Zuletzt bearbeitet 16.06.2026 21:59:06
Buffer overflow in Dispatch() routine for XFS font server (fs.auto) on Solaris 2.5.1 through 9 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a certain XFS query.
CVE-2001-0955
- EPSS 0.45%
- Veröffentlicht 22.09.2001 04:00:00
- Zuletzt bearbeitet 16.06.2026 21:55:17
Buffer overflow in fbglyph.c in XFree86 before 4.2.0, related to glyph clipping for large origins, allows attackers to cause a denial of service and possibly gain privileges via a large number of characters, possibly through the web page search form ...
CVE-2001-1179
- EPSS 0.44%
- Veröffentlicht 17.07.2001 04:00:00
- Zuletzt bearbeitet 16.06.2026 21:55:44
xman allows local users to gain privileges by modifying the MANPATH to point to a man page whose filename contains shell metacharacters.
CVE-2001-1178
- EPSS 0.77%
- Veröffentlicht 11.07.2001 04:00:00
- Zuletzt bearbeitet 16.06.2026 21:55:44
Buffer overflow in xman allows local users to gain privileges via a long MANPATH environment variable.
CVE-2001-1086
- EPSS 2.84%
- Veröffentlicht 04.07.2001 04:00:00
- Zuletzt bearbeitet 16.06.2026 21:55:33
XDM in XFree86 3.3 and 3.3.3 generates easily guessable cookies using gettimeofday() when compiled with the HasXdmXauth option, which allows remote attackers to gain unauthorized access to the X display via a brute force attack.