Vulnerabilities > X ORG > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2013-06-15 | CVE-2013-1995 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in X.Org Libxi. X.org libXi 1.7.1 and earlier allows X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to an unexpected sign extension in the XListInputDevices function. | 6.8 |
2013-06-15 | CVE-2013-1984 | Numeric Errors vulnerability in X.Org Libxi. Multiple integer overflows in X.org libXi 1.7.1 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XGetDeviceControl, (2) XGetFeedbackControl, (3) XGetDeviceDontPropagateList, (4) XGetDeviceMotionEvents, (5) XIGetProperty, (6) XIGetSelectedEvents, (7) XGetDeviceProperties, and (8) XListInputDevices functions. | 6.8 |
2009-09-08 | CVE-2009-3100 | Denial-Of-Service vulnerability in OpenSolaris. xscreensaver (aka Gnome-XScreenSaver) in Sun Solaris 9 and 10, OpenSolaris snv_109 through snv_122, and X11 6.4.1 on Solaris 8 does not properly handle Accessibility support, which allows local users to cause a denial of service (system hang) by locking the screen and then attempting to launch an Accessibility pop-up window, related to a regression in certain Solaris and OpenSolaris patches. | 4.0 |
2009-08-10 | CVE-2009-2718 | Permissions, Privileges, and Access Controls vulnerability in SUN Java SE 6. The Abstract Window Toolkit (AWT) implementation in Sun Java SE 6 before Update 15 on X11 does not impose the intended constraint on distance from the window border to the Security Warning Icon, which makes it easier for context-dependent attackers to trick a user into interacting unsafely with an untrusted applet. | 6.8 |
2009-08-07 | CVE-2009-2711 | Information Exposure vulnerability in multiple products. XScreenSaver in Sun Solaris 9 and 10, OpenSolaris before snv_120, and X11 6.4.1 for Solaris 8, when the Xorg or Xnewt server is used, allows physically proximate attackers to obtain sensitive information by reading popup windows, which are displayed even when the screen is locked, a different vulnerability than CVE-2009-1276. | 4.9 |
2008-01-18 | CVE-2007-6428 | Local Privilege Escalation and Information Disclosure vulnerability in RETIRED: X.Org X Server. The ProcGetReservedColormapEntries function in the TOG-CUP extension in X.Org Xserver before 1.4.1 allows context-dependent attackers to read the contents of arbitrary memory locations via a request containing a 32-bit value that is improperly used as an array index. | 5.0 |
2008-01-18 | CVE-2007-5958 | Information Exposure vulnerability in X.Org Xserver. X.Org Xserver before 1.4.1 allows local users to determine the existence of arbitrary files via a filename argument in the -sp option to the X program, which produces different error messages depending on whether the filename exists. | 5.0 |
2007-09-11 | CVE-2007-4730 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in X.Org Xorg-Server. Buffer overflow in the compNewPixmap function in compalloc.c in the Composite extension for the X.org X11 server before 1.4 allows local users to execute arbitrary code by copying data from a large pixel depth pixmap into a smaller pixel depth pixmap. | 4.3 |
2007-05-02 | CVE-2007-2437 | Denial of Service vulnerability in X.Org X Window System Xserver XRender Extension Divide by Zero. The X render (Xrender) extension in X.org X Window System 7.0, 7.1, and 7.2, with Xserver 1.3.0 and earlier, allows remote authenticated users to cause a denial of service (daemon crash) via crafted values to the (1) XRenderCompositeTrapezoids and (2) XRenderAddTraps functions, which trigger a divide-by-zero error. | 5.5 |
2006-12-31 | CVE-2006-6103 | Local Integer Overflow vulnerability in X.Org DBE And Render Extensions. Integer overflow in the ProcDbeSwapBuffers function in the DBE extension for X.Org 6.8.2, 6.9.0, 7.0, and 7.1, and XFree86 X server, allows local users to execute arbitrary code via a crafted X protocol request that triggers memory corruption during processing of unspecified data structures. | 6.6 |