Filtered by vendor X Subscriptions
Filtered by product X11 Subscriptions
Total 5 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2011-0465 3 Matthias Hopf, Redhat, X 3 Xrdb, Enterprise Linux, X11 2024-11-21 N/A
xrdb.c in xrdb before 1.0.9 in X.Org X11R7.6 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in a hostname obtained from a (1) DHCP or (2) XDMCP message.
CVE-2008-2362 2 Redhat, X 2 Enterprise Linux, X11 2024-11-21 N/A
Multiple integer overflows in the Render extension in the X server 1.4 in X.Org X11R7.3 allow context-dependent attackers to execute arbitrary code via a (1) SProcRenderCreateLinearGradient, (2) SProcRenderCreateRadialGradient, or (3) SProcRenderCreateConicalGradient request with an invalid field specifying the number of bytes to swap in the request data, which triggers heap memory corruption.
CVE-2008-2360 2 Redhat, X 2 Enterprise Linux, X11 2024-11-21 N/A
Integer overflow in the AllocateGlyph function in the Render extension in the X server 1.4 in X.Org X11R7.3 allows context-dependent attackers to execute arbitrary code via unspecified request fields that are used to calculate a heap buffer size, which triggers a heap-based buffer overflow.
CVE-2008-1379 2 Redhat, X 2 Enterprise Linux, X11 2024-11-21 N/A
Integer overflow in the fbShmPutImage function in the MIT-SHM extension in the X server 1.4 in X.Org X11R7.3 allows context-dependent attackers to read arbitrary process memory via crafted values for a Pixmap width and height.
CVE-2008-1377 2 Redhat, X 2 Enterprise Linux, X11 2024-11-21 N/A
The (1) SProcRecordCreateContext and (2) SProcRecordRegisterClients functions in the Record extension and the (3) SProcSecurityGenerateAuthorization function in the Security extension in the X server 1.4 in X.Org X11R7.3 allow context-dependent attackers to execute arbitrary code via requests with crafted length values that specify an arbitrary number of bytes to be swapped on the heap, which triggers heap corruption.