DATE CVE VULNERABILITY TITLE RISK
2015-04-16 CVE-2013-7439 Numeric Errors vulnerability in multiple products
Multiple off-by-one errors in the (1) MakeBigReq and (2) SetReqLen macros in include/X11/Xlibint.h in X11R6.x and libX11 before 1.6.0 allow remote attackers to have unspecified impact via a crafted request, which triggers a buffer overflow.
network
low complexity
x-org canonical debian CWE-189
7.5

2012-05-18 CVE-2012-2118 Improper Input Validation vulnerability in X.Org X11 1.11
Format string vulnerability in the LogVHdrMessageVerb function in os/log.c in X.Org X11 1.11 allows attackers to cause a denial of service or possibly execute arbitrary code via format string specifiers in an input device name.
network
low complexity
x-org CWE-20
critical
10.0

2009-09-08 CVE-2009-3100 Denial-Of-Service vulnerability in OpenSolaris
xscreensaver (aka Gnome-XScreenSaver) in Sun Solaris 9 and 10, OpenSolaris snv_109 through snv_122, and X11 6.4.1 on Solaris 8 does not properly handle Accessibility support, which allows local users to cause a denial of service (system hang) by locking the screen and then attempting to launch an Accessibility pop-up window, related to a regression in certain Solaris and OpenSolaris patches.
local
high complexity
sun x-org
4.0

2009-08-10 CVE-2009-2718 Permissions, Privileges, and Access Controls vulnerability in SUN Java SE 6
The Abstract Window Toolkit (AWT) implementation in Sun Java SE 6 before Update 15 on X11 does not impose the intended constraint on distance from the window border to the Security Warning Icon, which makes it easier for context-dependent attackers to trick a user into interacting unsafely with an untrusted applet.
network
sun x-org CWE-264
6.8

2009-08-07 CVE-2009-2711 Information Exposure vulnerability in multiple products
XScreenSaver in Sun Solaris 9 and 10, OpenSolaris before snv_120, and X11 6.4.1 for Solaris 8, when the Xorg or Xnewt server is used, allows physically proximate attackers to obtain sensitive information by reading popup windows, which are displayed even when the screen is locked, a different vulnerability than CVE-2009-1276.
local
low complexity
sun x-org CWE-200
4.9

2007-04-06 CVE-2007-1003 Local Integer Overflow vulnerability in X.Org X11 7.11.1.0
Integer overflow in ALLOCATE_LOCAL in the ProcXCMiscGetXIDList function in the XC-MISC extension in the X.Org X11 server (xserver) 7.1-1.1.0, and other versions before 20070403, allows remote authenticated users to execute arbitrary code via a large expression, which results in memory corruption.
network
low complexity
x-org
critical
9.0

1997-07-01 CVE-1999-0526 Unspecified vulnerability in X.Org X11 7.11.1.0
An X server's access control is disabled (e.g.
network
low complexity
x-org
critical
10.0