Xfce : Security Vulnerabilities, CVEs, (Overflow)
Thunar before 1.3.1 could crash when copy and pasting a file name with % format characters due to a format string error.
Max CVSS
7.8
EPSS Score
0.13%
Published
2019-11-14
Updated
2020-08-18
Double free vulnerability in the Widget Library (libxfcegui4) in Xfce before 4.4.2 might allow remote attackers to execute arbitrary code via unknown vectors related to the "cliend id, program name and working directory in session management."
Max CVSS
10.0
EPSS Score
3.98%
Published
2008-01-09
Updated
2011-03-08
Stack-based buffer overflow in the Panel (xfce4-panel) component in Xfce before 4.4.2 might allow remote attackers to execute arbitrary code via Launcher tooltips. NOTE: a second buffer overflow (over-read) in the xfce_mkdirhier function was also reported, but it might not be exploitable for a crash or code execution, so it is not a vulnerability.
Max CVSS
5.0
EPSS Score
3.24%
Published
2008-01-09
Updated
2011-03-08
3 vulnerabilities found