Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2007-4990

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-05 Oct, 2007 | 21:00
Updated At-07 Aug, 2024 | 15:17
Rejected At-
Credits

The swap_char2b function in X.Org X Font Server (xfs) before 1.0.5 allows context-dependent attackers to execute arbitrary code via (1) QueryXBitmaps and (2) QueryXExtents protocol requests with crafted size values that specify an arbitrary number of bytes to be swapped on the heap, which triggers heap corruption.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
â–¼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:05 Oct, 2007 | 21:00
Updated At:07 Aug, 2024 | 15:17
Rejected At:
â–¼CVE Numbering Authority (CNA)

The swap_char2b function in X.Org X Font Server (xfs) before 1.0.5 allows context-dependent attackers to execute arbitrary code via (1) QueryXBitmaps and (2) QueryXExtents protocol requests with crafted size values that specify an arbitrary number of bytes to be swapped on the heap, which triggers heap corruption.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.novell.com/linux/security/advisories/2007_54_xorg.html
vendor-advisory
x_refsource_SUSE
http://www.securitytracker.com/id?1018763
vdb-entry
x_refsource_SECTRACK
http://secunia.com/advisories/28542
third-party-advisory
x_refsource_SECUNIA
http://sunsolve.sun.com/search/document.do?assetkey=1-66-200642-1
vendor-advisory
x_refsource_SUNALERT
https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00352.html
vendor-advisory
x_refsource_FEDORA
http://www.securityfocus.com/archive/1/481432/100/0/threaded
mailing-list
x_refsource_BUGTRAQ
http://bugs.freedesktop.org/show_bug.cgi?id=12299
x_refsource_CONFIRM
http://secunia.com/advisories/28514
third-party-advisory
x_refsource_SECUNIA
http://secunia.com/advisories/27052
third-party-advisory
x_refsource_SECUNIA
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=602
third-party-advisory
x_refsource_IDEFENSE
http://secunia.com/advisories/27060
third-party-advisory
x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2008/0924/references
vdb-entry
x_refsource_VUPEN
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01323725
vendor-advisory
x_refsource_HP
http://lists.freedesktop.org/archives/xorg-announce/2007-October/000416.html
mailing-list
x_refsource_MLIST
http://www.redhat.com/support/errata/RHSA-2008-0029.html
vendor-advisory
x_refsource_REDHAT
http://secunia.com/advisories/28004
third-party-advisory
x_refsource_SECUNIA
http://secunia.com/advisories/27240
third-party-advisory
x_refsource_SECUNIA
https://issues.rpath.com/browse/RPL-1756
x_refsource_CONFIRM
http://secunia.com/advisories/29420
third-party-advisory
x_refsource_SECUNIA
http://secunia.com/advisories/27040
third-party-advisory
x_refsource_SECUNIA
http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html
vendor-advisory
x_refsource_APPLE
http://secunia.com/advisories/27176
third-party-advisory
x_refsource_SECUNIA
http://security.gentoo.org/glsa/glsa-200710-11.xml
vendor-advisory
x_refsource_GENTOO
http://secunia.com/advisories/27228
third-party-advisory
x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2007/3467
vdb-entry
x_refsource_VUPEN
http://www.redhat.com/support/errata/RHSA-2008-0030.html
vendor-advisory
x_refsource_REDHAT
http://sunsolve.sun.com/search/document.do?assetkey=1-26-103114-1
vendor-advisory
x_refsource_SUNALERT
http://www.vupen.com/english/advisories/2008/0149
vdb-entry
x_refsource_VUPEN
http://www.mandriva.com/security/advisories?name=MDKSA-2007:210
vendor-advisory
x_refsource_MANDRIVA
http://www.securityfocus.com/bid/25898
vdb-entry
x_refsource_BID
http://bugs.gentoo.org/show_bug.cgi?id=194606
x_refsource_CONFIRM
http://www.vupen.com/english/advisories/2007/3338
vdb-entry
x_refsource_VUPEN
http://secunia.com/advisories/27560
third-party-advisory
x_refsource_SECUNIA
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11599
vdb-entry
signature
x_refsource_OVAL
http://docs.info.apple.com/article.html?artnum=307562
x_refsource_CONFIRM
http://www.vupen.com/english/advisories/2007/3337
vdb-entry
x_refsource_VUPEN
https://exchange.xforce.ibmcloud.com/vulnerabilities/36920
vdb-entry
x_refsource_XF
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01323725
vendor-advisory
x_refsource_HP
http://secunia.com/advisories/28536
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.novell.com/linux/security/advisories/2007_54_xorg.html
Resource:
vendor-advisory
x_refsource_SUSE
Hyperlink: http://www.securitytracker.com/id?1018763
Resource:
vdb-entry
x_refsource_SECTRACK
Hyperlink: http://secunia.com/advisories/28542
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://sunsolve.sun.com/search/document.do?assetkey=1-66-200642-1
Resource:
vendor-advisory
x_refsource_SUNALERT
Hyperlink: https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00352.html
Resource:
vendor-advisory
x_refsource_FEDORA
Hyperlink: http://www.securityfocus.com/archive/1/481432/100/0/threaded
Resource:
mailing-list
x_refsource_BUGTRAQ
Hyperlink: http://bugs.freedesktop.org/show_bug.cgi?id=12299
Resource:
x_refsource_CONFIRM
Hyperlink: http://secunia.com/advisories/28514
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://secunia.com/advisories/27052
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=602
Resource:
third-party-advisory
x_refsource_IDEFENSE
Hyperlink: http://secunia.com/advisories/27060
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.vupen.com/english/advisories/2008/0924/references
Resource:
vdb-entry
x_refsource_VUPEN
Hyperlink: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01323725
Resource:
vendor-advisory
x_refsource_HP
Hyperlink: http://lists.freedesktop.org/archives/xorg-announce/2007-October/000416.html
Resource:
mailing-list
x_refsource_MLIST
Hyperlink: http://www.redhat.com/support/errata/RHSA-2008-0029.html
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: http://secunia.com/advisories/28004
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://secunia.com/advisories/27240
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: https://issues.rpath.com/browse/RPL-1756
Resource:
x_refsource_CONFIRM
Hyperlink: http://secunia.com/advisories/29420
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://secunia.com/advisories/27040
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html
Resource:
vendor-advisory
x_refsource_APPLE
Hyperlink: http://secunia.com/advisories/27176
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://security.gentoo.org/glsa/glsa-200710-11.xml
Resource:
vendor-advisory
x_refsource_GENTOO
Hyperlink: http://secunia.com/advisories/27228
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.vupen.com/english/advisories/2007/3467
Resource:
vdb-entry
x_refsource_VUPEN
Hyperlink: http://www.redhat.com/support/errata/RHSA-2008-0030.html
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: http://sunsolve.sun.com/search/document.do?assetkey=1-26-103114-1
Resource:
vendor-advisory
x_refsource_SUNALERT
Hyperlink: http://www.vupen.com/english/advisories/2008/0149
Resource:
vdb-entry
x_refsource_VUPEN
Hyperlink: http://www.mandriva.com/security/advisories?name=MDKSA-2007:210
Resource:
vendor-advisory
x_refsource_MANDRIVA
Hyperlink: http://www.securityfocus.com/bid/25898
Resource:
vdb-entry
x_refsource_BID
Hyperlink: http://bugs.gentoo.org/show_bug.cgi?id=194606
Resource:
x_refsource_CONFIRM
Hyperlink: http://www.vupen.com/english/advisories/2007/3338
Resource:
vdb-entry
x_refsource_VUPEN
Hyperlink: http://secunia.com/advisories/27560
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11599
Resource:
vdb-entry
signature
x_refsource_OVAL
Hyperlink: http://docs.info.apple.com/article.html?artnum=307562
Resource:
x_refsource_CONFIRM
Hyperlink: http://www.vupen.com/english/advisories/2007/3337
Resource:
vdb-entry
x_refsource_VUPEN
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/36920
Resource:
vdb-entry
x_refsource_XF
Hyperlink: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01323725
Resource:
vendor-advisory
x_refsource_HP
Hyperlink: http://secunia.com/advisories/28536
Resource:
third-party-advisory
x_refsource_SECUNIA
â–¼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.novell.com/linux/security/advisories/2007_54_xorg.html
vendor-advisory
x_refsource_SUSE
x_transferred
http://www.securitytracker.com/id?1018763
vdb-entry
x_refsource_SECTRACK
x_transferred
http://secunia.com/advisories/28542
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://sunsolve.sun.com/search/document.do?assetkey=1-66-200642-1
vendor-advisory
x_refsource_SUNALERT
x_transferred
https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00352.html
vendor-advisory
x_refsource_FEDORA
x_transferred
http://www.securityfocus.com/archive/1/481432/100/0/threaded
mailing-list
x_refsource_BUGTRAQ
x_transferred
http://bugs.freedesktop.org/show_bug.cgi?id=12299
x_refsource_CONFIRM
x_transferred
http://secunia.com/advisories/28514
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://secunia.com/advisories/27052
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=602
third-party-advisory
x_refsource_IDEFENSE
x_transferred
http://secunia.com/advisories/27060
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.vupen.com/english/advisories/2008/0924/references
vdb-entry
x_refsource_VUPEN
x_transferred
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01323725
vendor-advisory
x_refsource_HP
x_transferred
http://lists.freedesktop.org/archives/xorg-announce/2007-October/000416.html
mailing-list
x_refsource_MLIST
x_transferred
http://www.redhat.com/support/errata/RHSA-2008-0029.html
vendor-advisory
x_refsource_REDHAT
x_transferred
http://secunia.com/advisories/28004
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://secunia.com/advisories/27240
third-party-advisory
x_refsource_SECUNIA
x_transferred
https://issues.rpath.com/browse/RPL-1756
x_refsource_CONFIRM
x_transferred
http://secunia.com/advisories/29420
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://secunia.com/advisories/27040
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html
vendor-advisory
x_refsource_APPLE
x_transferred
http://secunia.com/advisories/27176
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://security.gentoo.org/glsa/glsa-200710-11.xml
vendor-advisory
x_refsource_GENTOO
x_transferred
http://secunia.com/advisories/27228
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.vupen.com/english/advisories/2007/3467
vdb-entry
x_refsource_VUPEN
x_transferred
http://www.redhat.com/support/errata/RHSA-2008-0030.html
vendor-advisory
x_refsource_REDHAT
x_transferred
http://sunsolve.sun.com/search/document.do?assetkey=1-26-103114-1
vendor-advisory
x_refsource_SUNALERT
x_transferred
http://www.vupen.com/english/advisories/2008/0149
vdb-entry
x_refsource_VUPEN
x_transferred
http://www.mandriva.com/security/advisories?name=MDKSA-2007:210
vendor-advisory
x_refsource_MANDRIVA
x_transferred
http://www.securityfocus.com/bid/25898
vdb-entry
x_refsource_BID
x_transferred
http://bugs.gentoo.org/show_bug.cgi?id=194606
x_refsource_CONFIRM
x_transferred
http://www.vupen.com/english/advisories/2007/3338
vdb-entry
x_refsource_VUPEN
x_transferred
http://secunia.com/advisories/27560
third-party-advisory
x_refsource_SECUNIA
x_transferred
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11599
vdb-entry
signature
x_refsource_OVAL
x_transferred
http://docs.info.apple.com/article.html?artnum=307562
x_refsource_CONFIRM
x_transferred
http://www.vupen.com/english/advisories/2007/3337
vdb-entry
x_refsource_VUPEN
x_transferred
https://exchange.xforce.ibmcloud.com/vulnerabilities/36920
vdb-entry
x_refsource_XF
x_transferred
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01323725
vendor-advisory
x_refsource_HP
x_transferred
http://secunia.com/advisories/28536
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.novell.com/linux/security/advisories/2007_54_xorg.html
Resource:
vendor-advisory
x_refsource_SUSE
x_transferred
Hyperlink: http://www.securitytracker.com/id?1018763
Resource:
vdb-entry
x_refsource_SECTRACK
x_transferred
Hyperlink: http://secunia.com/advisories/28542
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://sunsolve.sun.com/search/document.do?assetkey=1-66-200642-1
Resource:
vendor-advisory
x_refsource_SUNALERT
x_transferred
Hyperlink: https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00352.html
Resource:
vendor-advisory
x_refsource_FEDORA
x_transferred
Hyperlink: http://www.securityfocus.com/archive/1/481432/100/0/threaded
Resource:
mailing-list
x_refsource_BUGTRAQ
x_transferred
Hyperlink: http://bugs.freedesktop.org/show_bug.cgi?id=12299
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://secunia.com/advisories/28514
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://secunia.com/advisories/27052
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=602
Resource:
third-party-advisory
x_refsource_IDEFENSE
x_transferred
Hyperlink: http://secunia.com/advisories/27060
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2008/0924/references
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01323725
Resource:
vendor-advisory
x_refsource_HP
x_transferred
Hyperlink: http://lists.freedesktop.org/archives/xorg-announce/2007-October/000416.html
Resource:
mailing-list
x_refsource_MLIST
x_transferred
Hyperlink: http://www.redhat.com/support/errata/RHSA-2008-0029.html
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: http://secunia.com/advisories/28004
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://secunia.com/advisories/27240
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: https://issues.rpath.com/browse/RPL-1756
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://secunia.com/advisories/29420
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://secunia.com/advisories/27040
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html
Resource:
vendor-advisory
x_refsource_APPLE
x_transferred
Hyperlink: http://secunia.com/advisories/27176
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://security.gentoo.org/glsa/glsa-200710-11.xml
Resource:
vendor-advisory
x_refsource_GENTOO
x_transferred
Hyperlink: http://secunia.com/advisories/27228
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2007/3467
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: http://www.redhat.com/support/errata/RHSA-2008-0030.html
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: http://sunsolve.sun.com/search/document.do?assetkey=1-26-103114-1
Resource:
vendor-advisory
x_refsource_SUNALERT
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2008/0149
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: http://www.mandriva.com/security/advisories?name=MDKSA-2007:210
Resource:
vendor-advisory
x_refsource_MANDRIVA
x_transferred
Hyperlink: http://www.securityfocus.com/bid/25898
Resource:
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: http://bugs.gentoo.org/show_bug.cgi?id=194606
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2007/3338
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: http://secunia.com/advisories/27560
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11599
Resource:
vdb-entry
signature
x_refsource_OVAL
x_transferred
Hyperlink: http://docs.info.apple.com/article.html?artnum=307562
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2007/3337
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/36920
Resource:
vdb-entry
x_refsource_XF
x_transferred
Hyperlink: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01323725
Resource:
vendor-advisory
x_refsource_HP
x_transferred
Hyperlink: http://secunia.com/advisories/28536
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Information is not available yet
â–¼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:05 Oct, 2007 | 21:17
Updated At:23 Apr, 2026 | 00:35

The swap_char2b function in X.Org X Font Server (xfs) before 1.0.5 allows context-dependent attackers to execute arbitrary code via (1) QueryXBitmaps and (2) QueryXExtents protocol requests with crafted size values that specify an arbitrary number of bytes to be swapped on the heap, which triggers heap corruption.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.07.5HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
Type: Primary
Version: 2.0
Base score: 7.5
Base severity: HIGH
Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P
CPE Matches
X.Org Foundation
x.org
>>x_font_server>>Versions up to 1.0.4(inclusive)
cpe:2.3:a:x.org:x_font_server:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-189Primarynvd@nist.gov
CWE ID: CWE-189
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
Organization : Red Hat
Last Modified : 2007-10-08T00:00:00

Red Hat is aware of this issue and is tracking it via the following bug: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=CVE-2007-4990 The Red Hat Security Response Team has rated this issue as having low security impact, a future update may address this flaw.

References
HyperlinkSourceResource
http://bugs.freedesktop.org/show_bug.cgi?id=12299cve@mitre.org
N/A
http://bugs.gentoo.org/show_bug.cgi?id=194606cve@mitre.org
N/A
http://docs.info.apple.com/article.html?artnum=307562cve@mitre.org
N/A
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01323725cve@mitre.org
N/A
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=602cve@mitre.org
N/A
http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.htmlcve@mitre.org
N/A
http://lists.freedesktop.org/archives/xorg-announce/2007-October/000416.htmlcve@mitre.org
N/A
http://secunia.com/advisories/27040cve@mitre.org
N/A
http://secunia.com/advisories/27052cve@mitre.org
N/A
http://secunia.com/advisories/27060cve@mitre.org
N/A
http://secunia.com/advisories/27176cve@mitre.org
N/A
http://secunia.com/advisories/27228cve@mitre.org
N/A
http://secunia.com/advisories/27240cve@mitre.org
N/A
http://secunia.com/advisories/27560cve@mitre.org
N/A
http://secunia.com/advisories/28004cve@mitre.org
N/A
http://secunia.com/advisories/28514cve@mitre.org
N/A
http://secunia.com/advisories/28536cve@mitre.org
N/A
http://secunia.com/advisories/28542cve@mitre.org
N/A
http://secunia.com/advisories/29420cve@mitre.org
N/A
http://security.gentoo.org/glsa/glsa-200710-11.xmlcve@mitre.org
N/A
http://sunsolve.sun.com/search/document.do?assetkey=1-26-103114-1cve@mitre.org
N/A
http://sunsolve.sun.com/search/document.do?assetkey=1-66-200642-1cve@mitre.org
N/A
http://www.mandriva.com/security/advisories?name=MDKSA-2007:210cve@mitre.org
N/A
http://www.novell.com/linux/security/advisories/2007_54_xorg.htmlcve@mitre.org
N/A
http://www.redhat.com/support/errata/RHSA-2008-0029.htmlcve@mitre.org
N/A
http://www.redhat.com/support/errata/RHSA-2008-0030.htmlcve@mitre.org
N/A
http://www.securityfocus.com/archive/1/481432/100/0/threadedcve@mitre.org
N/A
http://www.securityfocus.com/bid/25898cve@mitre.org
N/A
http://www.securitytracker.com/id?1018763cve@mitre.org
N/A
http://www.vupen.com/english/advisories/2007/3337cve@mitre.org
N/A
http://www.vupen.com/english/advisories/2007/3338cve@mitre.org
N/A
http://www.vupen.com/english/advisories/2007/3467cve@mitre.org
N/A
http://www.vupen.com/english/advisories/2008/0149cve@mitre.org
N/A
http://www.vupen.com/english/advisories/2008/0924/referencescve@mitre.org
N/A
https://exchange.xforce.ibmcloud.com/vulnerabilities/36920cve@mitre.org
N/A
https://issues.rpath.com/browse/RPL-1756cve@mitre.org
N/A
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11599cve@mitre.org
N/A
https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00352.htmlcve@mitre.org
N/A
http://bugs.freedesktop.org/show_bug.cgi?id=12299af854a3a-2127-422b-91ae-364da2661108
N/A
http://bugs.gentoo.org/show_bug.cgi?id=194606af854a3a-2127-422b-91ae-364da2661108
N/A
http://docs.info.apple.com/article.html?artnum=307562af854a3a-2127-422b-91ae-364da2661108
N/A
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01323725af854a3a-2127-422b-91ae-364da2661108
N/A
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=602af854a3a-2127-422b-91ae-364da2661108
N/A
http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://lists.freedesktop.org/archives/xorg-announce/2007-October/000416.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/27040af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/27052af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/27060af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/27176af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/27228af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/27240af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/27560af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/28004af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/28514af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/28536af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/28542af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/29420af854a3a-2127-422b-91ae-364da2661108
N/A
http://security.gentoo.org/glsa/glsa-200710-11.xmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://sunsolve.sun.com/search/document.do?assetkey=1-26-103114-1af854a3a-2127-422b-91ae-364da2661108
N/A
http://sunsolve.sun.com/search/document.do?assetkey=1-66-200642-1af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.mandriva.com/security/advisories?name=MDKSA-2007:210af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.novell.com/linux/security/advisories/2007_54_xorg.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.redhat.com/support/errata/RHSA-2008-0029.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.redhat.com/support/errata/RHSA-2008-0030.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securityfocus.com/archive/1/481432/100/0/threadedaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securityfocus.com/bid/25898af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securitytracker.com/id?1018763af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.vupen.com/english/advisories/2007/3337af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.vupen.com/english/advisories/2007/3338af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.vupen.com/english/advisories/2007/3467af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.vupen.com/english/advisories/2008/0149af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.vupen.com/english/advisories/2008/0924/referencesaf854a3a-2127-422b-91ae-364da2661108
N/A
https://exchange.xforce.ibmcloud.com/vulnerabilities/36920af854a3a-2127-422b-91ae-364da2661108
N/A
https://issues.rpath.com/browse/RPL-1756af854a3a-2127-422b-91ae-364da2661108
N/A
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11599af854a3a-2127-422b-91ae-364da2661108
N/A
https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00352.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
Hyperlink: http://bugs.freedesktop.org/show_bug.cgi?id=12299
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://bugs.gentoo.org/show_bug.cgi?id=194606
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://docs.info.apple.com/article.html?artnum=307562
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01323725
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=602
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://lists.freedesktop.org/archives/xorg-announce/2007-October/000416.html
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/27040
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/27052
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/27060
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/27176
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/27228
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/27240
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/27560
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/28004
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/28514
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/28536
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/28542
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/29420
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://security.gentoo.org/glsa/glsa-200710-11.xml
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://sunsolve.sun.com/search/document.do?assetkey=1-26-103114-1
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://sunsolve.sun.com/search/document.do?assetkey=1-66-200642-1
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.mandriva.com/security/advisories?name=MDKSA-2007:210
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.novell.com/linux/security/advisories/2007_54_xorg.html
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.redhat.com/support/errata/RHSA-2008-0029.html
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.redhat.com/support/errata/RHSA-2008-0030.html
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.securityfocus.com/archive/1/481432/100/0/threaded
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/25898
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.securitytracker.com/id?1018763
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.vupen.com/english/advisories/2007/3337
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.vupen.com/english/advisories/2007/3338
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.vupen.com/english/advisories/2007/3467
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.vupen.com/english/advisories/2008/0149
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.vupen.com/english/advisories/2008/0924/references
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/36920
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://issues.rpath.com/browse/RPL-1756
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11599
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00352.html
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://bugs.freedesktop.org/show_bug.cgi?id=12299
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://bugs.gentoo.org/show_bug.cgi?id=194606
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://docs.info.apple.com/article.html?artnum=307562
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01323725
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=602
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://lists.freedesktop.org/archives/xorg-announce/2007-October/000416.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/27040
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/27052
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/27060
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/27176
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/27228
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/27240
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/27560
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/28004
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/28514
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/28536
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/28542
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/29420
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://security.gentoo.org/glsa/glsa-200710-11.xml
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://sunsolve.sun.com/search/document.do?assetkey=1-26-103114-1
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://sunsolve.sun.com/search/document.do?assetkey=1-66-200642-1
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.mandriva.com/security/advisories?name=MDKSA-2007:210
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.novell.com/linux/security/advisories/2007_54_xorg.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.redhat.com/support/errata/RHSA-2008-0029.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.redhat.com/support/errata/RHSA-2008-0030.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.securityfocus.com/archive/1/481432/100/0/threaded
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/25898
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.securitytracker.com/id?1018763
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.vupen.com/english/advisories/2007/3337
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.vupen.com/english/advisories/2007/3338
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.vupen.com/english/advisories/2007/3467
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.vupen.com/english/advisories/2008/0149
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.vupen.com/english/advisories/2008/0924/references
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/36920
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://issues.rpath.com/browse/RPL-1756
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11599
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00352.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

31Records found
CVE-2017-12177
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-9.8||CRITICAL
EPSS-4.45% / 90.19%
||
7 Day CHG~0.00%
Published-24 Jan, 2018 | 15:00
Updated-29 Aug, 2025 | 13:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

xorg-x11-server before 1.19.5 was vulnerable to integer overflow in ProcDbeGetVisualInfo function allowing malicious X client to cause X server to crash or possibly execute arbitrary code.

Action-Not Available
Vendor-X.Org FoundationDebian GNU/Linux
Product-debian_linuxx_serverxorg-x11-server
CWE ID-CWE-190
Integer Overflow or Wraparound
CWE ID-CWE-391
Unchecked Error Condition
CVE-2008-0006
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-5.11% / 91.27%
||
7 Day CHG~0.00%
Published-18 Jan, 2008 | 22:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in (1) X.Org Xserver before 1.4.1, and (2) the libfont and libXfont libraries on some platforms including Sun Solaris, allows context-dependent attackers to execute arbitrary code via a PCF font with a large difference between the last col and first col values in the PCF_BDF_ENCODINGS table.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)X.Org Foundation
Product-solaris_libfontxserversolaris_libxfontn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2005-0605
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-4.51% / 90.28%
||
7 Day CHG~0.00%
Published-04 Mar, 2005 | 05:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

scan.c for LibXPM may allow attackers to execute arbitrary code via a negative bitmap_unit value that leads to a buffer overflow.

Action-Not Available
Vendor-xfree86_projectlesstifaltlinuxn/aMandriva (Mandrakesoft)Silicon Graphics, Inc.X.Org FoundationRed Hat, Inc.SUSE
Product-alt_linuxx11r6mandrake_linuxsuse_linuxpropackfedora_coreenterprise_linux_desktoplesstifenterprise_linuxmandrake_linux_corporate_servern/a
CVE-2004-0687
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-8.05% / 94.05%
||
7 Day CHG~0.00%
Published-24 Sep, 2004 | 00:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple stack-based buffer overflows in (1) xpmParseColors in parse.c, (2) ParseAndPutPixels in create.c, and (3) ParsePixels in parse.c for libXpm before 6.8.1 allow remote attackers to execute arbitrary code via a malformed XPM image file.

Action-Not Available
Vendor-xfree86_projectn/aOpenBSDX.Org FoundationSUSE
Product-x11r6suse_linuxopenbsdn/a
CVE-2004-0688
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-7.25% / 93.54%
||
7 Day CHG~0.00%
Published-24 Sep, 2004 | 04:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple integer overflows in (1) the xpmParseColors function in parse.c, (2) XpmCreateImageFromXpmImage, (3) CreateXImage, (4) ParsePixels, and (5) ParseAndPutPixels for libXpm before 6.8.1 may allow remote attackers to execute arbitrary code via a malformed XPM image file.

Action-Not Available
Vendor-xfree86_projectn/aOpenBSDX.Org FoundationSUSE
Product-x11r6suse_linuxopenbsdn/a
CVE-2004-0419
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-2.48% / 82.49%
||
7 Day CHG~0.00%
Published-03 Jun, 2004 | 04:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

XDM in XFree86 opens a chooserFd TCP socket even when DisplayManager.requestPort is 0, which could allow remote attackers to connect to the port, in violation of the intended restrictions.

Action-Not Available
Vendor-xfree86_projectn/aGentoo Foundation, Inc.X.Org Foundation
Product-x11r6linuxxdmn/a
CVE-2021-31535
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-10.63% / 95.22%
||
7 Day CHG~0.00%
Published-27 May, 2021 | 12:26
Updated-03 Aug, 2024 | 23:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

LookupCol.c in X.Org X through X11R7.7 and libX11 before 1.7.1 might allow remote attackers to execute arbitrary code. The libX11 XLookupColor request (intended for server-side color lookup) contains a flaw allowing a client to send color-name requests with a name longer than the maximum size allowed by the protocol (and also longer than the maximum packet size for normal-sized packets). The user-controlled data exceeding the maximum size is then interpreted by the server as additional X protocol requests and executed, e.g., to disable X server authorization completely. For example, if the victim encounters malicious terminal control sequences for color codes, then the attacker may be able to take full control of the running graphical session.

Action-Not Available
Vendor-n/aFedora ProjectX.Org Foundation
Product-libx11x_window_systemfedoran/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2013-7439
Matching Score-8
Assigner-Canonical Ltd.
ShareView Details
Matching Score-8
Assigner-Canonical Ltd.
CVSS Score-7.5||HIGH
EPSS-4.28% / 89.83%
||
7 Day CHG~0.00%
Published-16 Apr, 2015 | 14:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple off-by-one errors in the (1) MakeBigReq and (2) SetReqLen macros in include/X11/Xlibint.h in X11R6.x and libX11 before 1.6.0 allow remote attackers to have unspecified impact via a crafted request, which triggers a buffer overflow.

Action-Not Available
Vendor-n/aCanonical Ltd.Debian GNU/LinuxX.Org Foundation
Product-libx11debian_linuxubuntu_linuxx11n/a
CVE-2018-14599
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-4.99% / 91.11%
||
7 Day CHG~0.00%
Published-24 Aug, 2018 | 19:00
Updated-05 Aug, 2024 | 09:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in libX11 through 1.6.5. The function XListExtensions in ListExt.c is vulnerable to an off-by-one error caused by malicious server responses, leading to DoS or possibly unspecified other impact.

Action-Not Available
Vendor-n/aFedora ProjectCanonical Ltd.Debian GNU/LinuxX.Org FoundationRed Hat, Inc.
Product-enterprise_linux_serverubuntu_linuxdebian_linuxenterprise_linux_workstationfedoralibx11enterprise_linux_desktopn/a
CWE ID-CWE-193
Off-by-one Error
CVE-2016-7949
Matching Score-8
Assigner-OpenText (formerly Micro Focus)
ShareView Details
Matching Score-8
Assigner-OpenText (formerly Micro Focus)
CVSS Score-9.8||CRITICAL
EPSS-3.72% / 88.38%
||
7 Day CHG-0.03%
Published-13 Dec, 2016 | 20:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple buffer overflows in the (1) XvQueryAdaptors and (2) XvQueryEncodings functions in X.org libXrender before 0.9.10 allow remote X servers to trigger out-of-bounds write operations via vectors involving length fields.

Action-Not Available
Vendor-n/aX.Org FoundationFedora Project
Product-libxrenderfedoran/a
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-787
Out-of-bounds Write
CVE-2016-7942
Matching Score-8
Assigner-OpenText (formerly Micro Focus)
ShareView Details
Matching Score-8
Assigner-OpenText (formerly Micro Focus)
CVSS Score-9.8||CRITICAL
EPSS-4.29% / 89.84%
||
7 Day CHG-0.03%
Published-13 Dec, 2016 | 20:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The XGetImage function in X.org libX11 before 1.6.4 might allow remote X servers to gain privileges via vectors involving image type and geometry, which triggers out-of-bounds read operations.

Action-Not Available
Vendor-n/aX.Org FoundationFedora Project
Product-libx11fedoran/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2017-12181
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-9.8||CRITICAL
EPSS-4.31% / 89.89%
||
7 Day CHG~0.00%
Published-24 Jan, 2018 | 15:00
Updated-29 Aug, 2025 | 13:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

xorg-x11-server before 1.19.5 was missing length validation in XFree86 DGA extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.

Action-Not Available
Vendor-X.Org FoundationDebian GNU/Linux
Product-debian_linuxx_serverxorg-x11-server
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-391
Unchecked Error Condition
CVE-2017-12183
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-9.8||CRITICAL
EPSS-4.31% / 89.89%
||
7 Day CHG~0.00%
Published-24 Jan, 2018 | 15:00
Updated-29 Aug, 2025 | 13:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

xorg-x11-server before 1.19.5 was missing length validation in XFIXES extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.

Action-Not Available
Vendor-X.Org FoundationDebian GNU/Linux
Product-debian_linuxx_serverxorg-x11-server
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-391
Unchecked Error Condition
CVE-2017-12178
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-9.8||CRITICAL
EPSS-4.25% / 89.76%
||
7 Day CHG~0.00%
Published-24 Jan, 2018 | 15:00
Updated-29 Aug, 2025 | 13:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

xorg-x11-server before 1.19.5 had wrong extra length check in ProcXIChangeHierarchy function allowing malicious X client to cause X server to crash or possibly execute arbitrary code.

Action-Not Available
Vendor-X.Org FoundationDebian GNU/Linux
Product-debian_linuxx_serverxorg-x11-server
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-391
Unchecked Error Condition
CVE-2017-12184
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-9.8||CRITICAL
EPSS-4.25% / 89.76%
||
7 Day CHG~0.00%
Published-24 Jan, 2018 | 15:00
Updated-29 Aug, 2025 | 13:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

xorg-x11-server before 1.19.5 was missing length validation in XINERAMA extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.

Action-Not Available
Vendor-X.Org FoundationDebian GNU/Linux
Product-debian_linuxx_serverxorg-x11-server
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-391
Unchecked Error Condition
CVE-2017-12182
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-9.8||CRITICAL
EPSS-4.31% / 89.89%
||
7 Day CHG~0.00%
Published-24 Jan, 2018 | 15:00
Updated-29 Aug, 2025 | 13:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

xorg-x11-server before 1.19.5 was missing length validation in XFree86 DRI extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.

Action-Not Available
Vendor-X.Org FoundationDebian GNU/Linux
Product-debian_linuxx_serverxorg-x11-server
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-391
Unchecked Error Condition
CVE-2017-12179
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-9.8||CRITICAL
EPSS-4.45% / 90.19%
||
7 Day CHG~0.00%
Published-24 Jan, 2018 | 15:00
Updated-29 Aug, 2025 | 13:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

xorg-x11-server before 1.19.5 was vulnerable to integer overflow in (S)ProcXIBarrierReleasePointer functions allowing malicious X client to cause X server to crash or possibly execute arbitrary code.

Action-Not Available
Vendor-X.Org FoundationDebian GNU/Linux
Product-debian_linuxx_serverxorg-x11-server
CWE ID-CWE-190
Integer Overflow or Wraparound
CWE ID-CWE-391
Unchecked Error Condition
CVE-2017-12185
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-9.8||CRITICAL
EPSS-4.25% / 89.76%
||
7 Day CHG~0.00%
Published-24 Jan, 2018 | 15:00
Updated-29 Aug, 2025 | 13:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

xorg-x11-server before 1.19.5 was missing length validation in MIT-SCREEN-SAVER extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.

Action-Not Available
Vendor-n/aX.Org FoundationDebian GNU/Linux
Product-debian_linuxx_servern/a
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-391
Unchecked Error Condition
CVE-2017-12186
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-9.8||CRITICAL
EPSS-4.38% / 90.04%
||
7 Day CHG~0.00%
Published-24 Jan, 2018 | 15:00
Updated-29 Aug, 2025 | 13:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

xorg-x11-server before 1.19.5 was missing length validation in X-Resource extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.

Action-Not Available
Vendor-X.Org FoundationDebian GNU/Linux
Product-debian_linuxx_serverxorg-x11-server
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-391
Unchecked Error Condition
CVE-2017-12180
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-9.8||CRITICAL
EPSS-4.31% / 89.89%
||
7 Day CHG~0.00%
Published-24 Jan, 2018 | 15:00
Updated-29 Aug, 2025 | 13:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

xorg-x11-server before 1.19.5 was missing length validation in XFree86 VidModeExtension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.

Action-Not Available
Vendor-X.Org FoundationDebian GNU/Linux
Product-debian_linuxx_serverxorg-x11-server
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-391
Unchecked Error Condition
CVE-2017-12176
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-9.8||CRITICAL
EPSS-4.25% / 89.76%
||
7 Day CHG~0.00%
Published-24 Jan, 2018 | 15:00
Updated-29 Aug, 2025 | 13:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

xorg-x11-server before 1.19.5 was missing extra length validation in ProcEstablishConnection function allowing malicious X client to cause X server to crash or possibly execute arbitrary code.

Action-Not Available
Vendor-X.Org FoundationDebian GNU/Linux
Product-debian_linuxx_serverxorg-x11-server
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-391
Unchecked Error Condition
CVE-2017-12187
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-9.8||CRITICAL
EPSS-3.41% / 87.33%
||
7 Day CHG~0.00%
Published-24 Jan, 2018 | 15:00
Updated-29 Aug, 2025 | 13:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

xorg-x11-server before 1.19.5 was missing length validation in RENDER extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.

Action-Not Available
Vendor-X.Org FoundationDebian GNU/Linux
Product-debian_linuxx_serverxorg-x11-server
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-391
Unchecked Error Condition
CVE-2016-7950
Matching Score-8
Assigner-OpenText (formerly Micro Focus)
ShareView Details
Matching Score-8
Assigner-OpenText (formerly Micro Focus)
CVSS Score-9.8||CRITICAL
EPSS-2.72% / 84.10%
||
7 Day CHG-0.02%
Published-13 Dec, 2016 | 20:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The XRenderQueryFilters function in X.org libXrender before 0.9.10 allows remote X servers to trigger out-of-bounds write operations via vectors involving filter name lengths.

Action-Not Available
Vendor-n/aX.Org FoundationFedora Project
Product-libxrenderfedoran/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2016-7944
Matching Score-8
Assigner-OpenText (formerly Micro Focus)
ShareView Details
Matching Score-8
Assigner-OpenText (formerly Micro Focus)
CVSS Score-9.8||CRITICAL
EPSS-3.40% / 87.28%
||
7 Day CHG-0.03%
Published-13 Dec, 2016 | 20:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Integer overflow in X.org libXfixes before 5.0.3 on 32-bit platforms might allow remote X servers to gain privileges via a length value of INT_MAX, which triggers the client to stop reading data and get out of sync.

Action-Not Available
Vendor-n/aX.Org FoundationFedora Project
Product-libxfixesfedoran/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2016-7947
Matching Score-8
Assigner-OpenText (formerly Micro Focus)
ShareView Details
Matching Score-8
Assigner-OpenText (formerly Micro Focus)
CVSS Score-9.8||CRITICAL
EPSS-3.63% / 88.06%
||
7 Day CHG-0.03%
Published-13 Dec, 2016 | 20:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple integer overflows in X.org libXrandr before 1.5.1 allow remote X servers to trigger out-of-bounds write operations via a crafted response.

Action-Not Available
Vendor-n/aX.Org FoundationFedora Project
Product-fedoralibxrandrn/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CWE ID-CWE-787
Out-of-bounds Write
CVE-2016-7953
Matching Score-8
Assigner-OpenText (formerly Micro Focus)
ShareView Details
Matching Score-8
Assigner-OpenText (formerly Micro Focus)
CVSS Score-9.8||CRITICAL
EPSS-3.32% / 87.00%
||
7 Day CHG-0.03%
Published-13 Dec, 2016 | 20:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer underflow in X.org libXvMC before 1.0.10 allows remote X servers to have unspecified impact via an empty string.

Action-Not Available
Vendor-n/aX.Org FoundationFedora Project
Product-libxvmcfedoran/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2016-7948
Matching Score-8
Assigner-OpenText (formerly Micro Focus)
ShareView Details
Matching Score-8
Assigner-OpenText (formerly Micro Focus)
CVSS Score-9.8||CRITICAL
EPSS-3.63% / 88.06%
||
7 Day CHG-0.03%
Published-13 Dec, 2016 | 20:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

X.org libXrandr before 1.5.1 allows remote X servers to trigger out-of-bounds write operations by leveraging mishandling of reply data.

Action-Not Available
Vendor-n/aX.Org FoundationFedora Project
Product-libxrandrfedoran/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2016-7943
Matching Score-8
Assigner-OpenText (formerly Micro Focus)
ShareView Details
Matching Score-8
Assigner-OpenText (formerly Micro Focus)
CVSS Score-9.8||CRITICAL
EPSS-4.46% / 90.20%
||
7 Day CHG~0.00%
Published-13 Dec, 2016 | 20:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The XListFonts function in X.org libX11 before 1.6.4 might allow remote X servers to gain privileges via vectors involving length fields, which trigger out-of-bounds write operations.

Action-Not Available
Vendor-n/aX.Org FoundationFedora Project
Product-libx11fedoran/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2016-5407
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-9.8||CRITICAL
EPSS-4.53% / 90.32%
||
7 Day CHG-0.04%
Published-13 Dec, 2016 | 20:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The (1) XvQueryAdaptors and (2) XvQueryEncodings functions in X.org libXv before 1.0.11 allow remote X servers to trigger out-of-bounds memory access operations via vectors involving length specifications in received data.

Action-Not Available
Vendor-n/aX.Org FoundationFedora Project
Product-libxvfedoran/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-125
Out-of-bounds Read
CVE-2016-10164
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-7.53% / 93.71%
||
7 Day CHG~0.00%
Published-01 Feb, 2017 | 15:00
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple integer overflows in libXpm before 3.5.12, when a program requests parsing XPM extensions on a 64-bit platform, allow remote attackers to cause a denial of service (out-of-bounds write) or execute arbitrary code via (1) the number of extensions or (2) their concatenated length in a crafted XPM file, which triggers a heap-based buffer overflow.

Action-Not Available
Vendor-n/aX.Org Foundation
Product-libxpmn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-190
Integer Overflow or Wraparound
CWE ID-CWE-787
Out-of-bounds Write
CVE-2018-14600
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-9.71% / 94.90%
||
7 Day CHG~0.00%
Published-24 Aug, 2018 | 19:00
Updated-05 Aug, 2024 | 09:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in libX11 through 1.6.5. The function XListExtensions in ListExt.c interprets a variable as signed instead of unsigned, resulting in an out-of-bounds write (of up to 128 bytes), leading to DoS or remote code execution.

Action-Not Available
Vendor-n/aDebian GNU/LinuxCanonical Ltd.X.Org Foundation
Product-libx11debian_linuxubuntu_linuxn/a
CWE ID-CWE-787
Out-of-bounds Write
Details not found