X.org : Security Vulnerabilities, CVEs, Published In 2008 (Code Execution) CVSS score >= 8
Multiple integer overflows in X.Org Xserver before 1.4.1 allow context-dependent attackers to execute arbitrary code via (1) a GetVisualInfo request containing a 32-bit value that is improperly used to calculate an amount of memory for allocation by the EVI extension, or (2) a request containing values related to pixmap size that are improperly used in management of shared memory by the MIT-SHM extension.
Max CVSS
9.3
EPSS Score
0.60%
Published
2008-01-18
Updated
2018-10-15
The XInput extension in X.Org Xserver before 1.4.1 allows context-dependent attackers to execute arbitrary code via requests related to byte swapping and heap corruption within multiple functions, a different vulnerability than CVE-2007-4990.
Max CVSS
9.3
EPSS Score
0.71%
Published
2008-01-18
Updated
2020-11-20
Array index error in the XFree86-Misc extension in X.Org Xserver before 1.4.1 allows context-dependent attackers to execute arbitrary code via a PassMessage request containing a large array index.
Max CVSS
9.3
EPSS Score
2.08%
Published
2008-01-18
Updated
2018-10-15
3 vulnerabilities found