Xfree86 Project » X11r6 : Security Vulnerabilities, CVEs, (Denial of service) CVSS score >= 6
Multiple vulnerabilities in libXpm for 6.8.1 and earlier, as used in XFree86 and other packages, include (1) multiple integer overflows, (2) out-of-bounds memory accesses, (3) directory traversal, (4) shell metacharacter, (5) endless loops, and (6) memory leaks, which could allow remote attackers to obtain sensitive information, cause a denial of service (application crash), or execute arbitrary code via a certain XPM image file. NOTE: it is highly likely that this candidate will be SPLIT into other candidates in the future, per CVE's content decisions.
Max CVSS
10.0
EPSS Score
8.80%
Published
2005-01-10
Updated
2017-10-11
Integer signedness errors in XFree86 4.1.0 allow remote attackers to cause a denial of service and possibly execute arbitrary code when using the GLX extension and Direct Rendering Infrastructure (DRI).
Max CVSS
7.5
EPSS Score
7.62%
Published
2004-03-15
Updated
2017-10-10
XFree86 4.1.0 allows remote attackers to cause a denial of service and possibly execute arbitrary code via an out-of-bounds array index when using the GLX extension and Direct Rendering Infrastructure (DRI).
Max CVSS
7.5
EPSS Score
7.62%
Published
2004-03-15
Updated
2017-10-10
Multiple integer overflows in the font libraries for XFree86 4.3.0 allow local or remote attackers to cause a denial of service or execute arbitrary code via heap-based and stack-based buffer overflow attacks.
Max CVSS
7.5
EPSS Score
5.88%
Published
2003-10-20
Updated
2016-10-18
Buffer overflow in Dispatch() routine for XFS font server (fs.auto) on Solaris 2.5.1 through 9 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a certain XFS query.
Max CVSS
7.5
EPSS Score
13.89%
Published
2002-12-11
Updated
2018-10-30
Buffer overflow in fbglyph.c in XFree86 before 4.2.0, related to glyph clipping for large origins, allows attackers to cause a denial of service and possibly gain privileges via a large number of characters, possibly through the web page search form of KDE Konqueror or from an xterm command with a long title.
Max CVSS
7.2
EPSS Score
0.06%
Published
2001-09-22
Updated
2017-12-19
6 vulnerabilities found