CVE-1999-0526

Public exploit
An X server's access control is disabled (e.g. through an "xhost +" command) and allows anyone to connect to the server.
Max CVSS
10.0
EPSS Score
80.74%
Published
1997-07-01
Updated
2008-09-09
Multiple vulnerabilities in libXpm for 6.8.1 and earlier, as used in XFree86 and other packages, include (1) multiple integer overflows, (2) out-of-bounds memory accesses, (3) directory traversal, (4) shell metacharacter, (5) endless loops, and (6) memory leaks, which could allow remote attackers to obtain sensitive information, cause a denial of service (application crash), or execute arbitrary code via a certain XPM image file. NOTE: it is highly likely that this candidate will be SPLIT into other candidates in the future, per CVE's content decisions.
Max CVSS
10.0
EPSS Score
8.80%
Published
2005-01-10
Updated
2017-10-11
Integer overflow in the ProcDbeGetVisualInfo function in the DBE extension for X.Org 6.8.2, 6.9.0, 7.0, and 7.1, and XFree86 X server, allows local users to execute arbitrary code via a crafted X protocol request that triggers memory corruption during processing of unspecified data structures.
Max CVSS
10.0
EPSS Score
0.63%
Published
2006-12-31
Updated
2017-10-11
Format string vulnerability in the LogVHdrMessageVerb function in os/log.c in X.Org X11 1.11 allows attackers to cause a denial of service or possibly execute arbitrary code via format string specifiers in an input device name.
Max CVSS
10.0
EPSS Score
1.98%
Published
2012-05-18
Updated
2017-08-29
The (1) XvQueryAdaptors and (2) XvQueryEncodings functions in X.org libXv before 1.0.11 allow remote X servers to trigger out-of-bounds memory access operations via vectors involving length specifications in received data.
Max CVSS
9.8
EPSS Score
0.66%
Published
2016-12-13
Updated
2017-07-01
The XGetImage function in X.org libX11 before 1.6.4 might allow remote X servers to gain privileges via vectors involving image type and geometry, which triggers out-of-bounds read operations.
Max CVSS
9.8
EPSS Score
1.30%
Published
2016-12-13
Updated
2018-09-13
The XListFonts function in X.org libX11 before 1.6.4 might allow remote X servers to gain privileges via vectors involving length fields, which trigger out-of-bounds write operations.
Max CVSS
9.8
EPSS Score
1.40%
Published
2016-12-13
Updated
2018-09-13
Integer overflow in X.org libXfixes before 5.0.3 on 32-bit platforms might allow remote X servers to gain privileges via a length value of INT_MAX, which triggers the client to stop reading data and get out of sync.
Max CVSS
9.8
EPSS Score
0.91%
Published
2016-12-13
Updated
2017-07-01
Multiple integer overflows in X.org libXrandr before 1.5.1 allow remote X servers to trigger out-of-bounds write operations via a crafted response.
Max CVSS
9.8
EPSS Score
0.97%
Published
2016-12-13
Updated
2017-07-01
X.org libXrandr before 1.5.1 allows remote X servers to trigger out-of-bounds write operations by leveraging mishandling of reply data.
Max CVSS
9.8
EPSS Score
0.97%
Published
2016-12-13
Updated
2017-07-01
Multiple buffer overflows in the (1) XvQueryAdaptors and (2) XvQueryEncodings functions in X.org libXrender before 0.9.10 allow remote X servers to trigger out-of-bounds write operations via vectors involving length fields.
Max CVSS
9.8
EPSS Score
0.93%
Published
2016-12-13
Updated
2017-07-01
The XRenderQueryFilters function in X.org libXrender before 0.9.10 allows remote X servers to trigger out-of-bounds write operations via vectors involving filter name lengths.
Max CVSS
9.8
EPSS Score
0.97%
Published
2016-12-13
Updated
2017-07-01
Buffer underflow in X.org libXvMC before 1.0.10 allows remote X servers to have unspecified impact via an empty string.
Max CVSS
9.8
EPSS Score
1.36%
Published
2016-12-13
Updated
2017-07-01
Multiple integer overflows in libXpm before 3.5.12, when a program requests parsing XPM extensions on a 64-bit platform, allow remote attackers to cause a denial of service (out-of-bounds write) or execute arbitrary code via (1) the number of extensions or (2) their concatenated length in a crafted XPM file, which triggers a heap-based buffer overflow.
Max CVSS
9.8
EPSS Score
2.54%
Published
2017-02-01
Updated
2023-10-17
xorg-x11-server before 1.19.5 was missing extra length validation in ProcEstablishConnection function allowing malicious X client to cause X server to crash or possibly execute arbitrary code.
Max CVSS
9.8
EPSS Score
0.79%
Published
2018-01-24
Updated
2019-10-09
xorg-x11-server before 1.19.5 was vulnerable to integer overflow in ProcDbeGetVisualInfo function allowing malicious X client to cause X server to crash or possibly execute arbitrary code.
Max CVSS
9.8
EPSS Score
1.15%
Published
2018-01-24
Updated
2019-10-09
xorg-x11-server before 1.19.5 had wrong extra length check in ProcXIChangeHierarchy function allowing malicious X client to cause X server to crash or possibly execute arbitrary code.
Max CVSS
9.8
EPSS Score
0.83%
Published
2018-01-24
Updated
2019-10-09
xorg-x11-server before 1.19.5 was vulnerable to integer overflow in (S)ProcXIBarrierReleasePointer functions allowing malicious X client to cause X server to crash or possibly execute arbitrary code.
Max CVSS
9.8
EPSS Score
0.65%
Published
2018-01-24
Updated
2019-10-09
xorg-x11-server before 1.19.5 was missing length validation in XFree86 VidModeExtension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.
Max CVSS
9.8
EPSS Score
0.79%
Published
2018-01-24
Updated
2019-10-09
xorg-x11-server before 1.19.5 was missing length validation in XFree86 DGA extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.
Max CVSS
9.8
EPSS Score
0.60%
Published
2018-01-24
Updated
2019-10-09
xorg-x11-server before 1.19.5 was missing length validation in XFree86 DRI extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.
Max CVSS
9.8
EPSS Score
0.79%
Published
2018-01-24
Updated
2019-10-09
xorg-x11-server before 1.19.5 was missing length validation in XFIXES extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.
Max CVSS
9.8
EPSS Score
0.79%
Published
2018-01-24
Updated
2019-10-09
xorg-x11-server before 1.19.5 was missing length validation in XINERAMA extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.
Max CVSS
9.8
EPSS Score
0.38%
Published
2018-01-24
Updated
2019-10-09
xorg-x11-server before 1.19.5 was missing length validation in MIT-SCREEN-SAVER extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.
Max CVSS
9.8
EPSS Score
0.38%
Published
2018-01-24
Updated
2019-10-09
xorg-x11-server before 1.19.5 was missing length validation in X-Resource extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.
Max CVSS
9.8
EPSS Score
0.47%
Published
2018-01-24
Updated
2019-10-09
143 vulnerabilities found
1 2 3 4 5 6
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!