Approved changes feed: RSS · Atom
cpe:2.3:a:x.org:x11r6:6.8:*:*:*:*:*:*:*
part: a version: 6.8 update: *
| Vendor | X.Org (4cd053ee-09df-594a-873d-dbd09ec2f899) |
|---|---|
| Product | X11R6 (91cca85d-b952-58d1-a72e-04bb6c0254ba) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2006-4447 |
vulnerable | 2026-06-03 14:27:42.855597 |
Details available
X.Org and XFree86, including libX11, xdm, xf86dga, xinit, xload, xtrans, and xterm, does not check the return values for setuid and seteuid calls when attempting to drop privileges, which might allow local users to gain privileges by causing those calls to fail, such as by exceeding a ulimit.
Published: 2006-08-30T01:00:00.000Z
Updated: 2024-08-07T19:14:46.372Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2006-1526 |
vulnerable | 2026-06-03 14:27:24.564193 |
Details available
Buffer overflow in the X render (Xrender) extension in X.org X server 6.8.0 up to allows attackers to cause a denial of service (crash), as demonstrated by the (1) XRenderCompositeTriStrip and (2) XRenderCompositeTriFan requests in the rendertest from XCB xcb/xcb-demo, which leads to an incorrect memory allocation due to a typo in an expression that uses a "&" instead of a "*" operator. NOTE: the subject line of the original announcement used an incorrect CVE number for this issue.
Published: 2006-05-02T21:00:00.000Z
Updated: 2024-08-07T17:12:22.400Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2005-0605 |
vulnerable | 2026-06-03 14:26:51.032595 |
Details available
scan.c for LibXPM may allow attackers to execute arbitrary code via a negative bitmap_unit value that leads to a buffer overflow.
Published: 2005-03-04T05:00:00.000Z
Updated: 2024-08-07T21:21:06.249Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2004-0914 |
vulnerable | 2026-06-03 14:26:37.479312 |
Details available
Multiple vulnerabilities in libXpm for 6.8.1 and earlier, as used in XFree86 and other packages, include (1) multiple integer overflows, (2) out-of-bounds memory accesses, (3) directory traversal, (4) shell metacharacter, (5) endless loops, and (6) memory leaks, which could allow remote attackers to obtain sensitive information, cause a denial of service (application crash), or execute arbitrary code via a certain XPM image file. NOTE: it is highly likely that this candidate will be SPLIT into other candidates in the future, per CVE's content decisions.
Published: 2004-12-15T05:00:00.000Z
Updated: 2024-08-08T00:31:48.097Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2004-0688 |
vulnerable | 2026-06-03 14:26:36.508463 |
Details available
Multiple integer overflows in (1) the xpmParseColors function in parse.c, (2) XpmCreateImageFromXpmImage, (3) CreateXImage, (4) ParsePixels, and (5) ParseAndPutPixels for libXpm before 6.8.1 may allow remote attackers to execute arbitrary code via a malformed XPM image file.
Published: 2004-09-24T04:00:00.000Z
Updated: 2024-08-08T00:24:27.110Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2004-0687 |
vulnerable | 2026-06-03 14:26:36.502901 |
Details available
Multiple stack-based buffer overflows in (1) xpmParseColors in parse.c, (2) ParseAndPutPixels in create.c, and (3) ParsePixels in parse.c for libXpm before 6.8.1 allow remote attackers to execute arbitrary code via a malformed XPM image file.
Published: 2004-09-24T00:00:00.000Z
Updated: 2024-08-08T00:24:27.112Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.