X : Security Vulnerabilities, CVEs, Published In 2012 (Denial of service)
The ProcRenderAddGlyphs function in the Render extension (render/render.c) in X.Org xserver 1.7.7 and earlier allows local users to read arbitrary memory and possibly cause a denial of service (server crash) via unspecified vectors related to an "input sanitization flaw."
Max CVSS
3.6
EPSS Score
0.04%
Published
2012-09-05
Updated
2012-09-13
The ProcSetEventMask function in difs/events.c in the xfs font server for X.Org X11R6 through X11R6.6 and XFree86 before 3.3.3 calls the SendErrToClient function with a mask value instead of a pointer, which allows local users to cause a denial of service (memory corruption and crash) or obtain potentially sensitive information from memory via a SetEventMask request that triggers an invalid pointer dereference.
Max CVSS
3.6
EPSS Score
0.04%
Published
2012-12-21
Updated
2017-09-19
2 vulnerabilities found