Approved changes feed: RSS · Atom
cpe:2.3:a:x.org:x11r7:1.0:*:*:*:*:*:*:*
part: a version: 1.0 update: *
| Vendor | X.Org (4cd053ee-09df-594a-873d-dbd09ec2f899) |
|---|---|
| Product | X11R7 (54ee00b0-d8f9-542a-9953-b61afc8ce04d) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2006-4447 |
vulnerable | 2026-06-03 14:27:42.858426 |
Details available
X.Org and XFree86, including libX11, xdm, xf86dga, xinit, xload, xtrans, and xterm, does not check the return values for setuid and seteuid calls when attempting to drop privileges, which might allow local users to gain privileges by causing those calls to fail, such as by exceeding a ulimit.
Published: 2006-08-30T01:00:00.000Z
Updated: 2024-08-07T19:14:46.372Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2006-0745 |
vulnerable | 2026-06-03 14:27:22.324381 |
Details available
X.Org server (xorg-server) 1.0.0 and later, X11R6.9.0, and X11R7.0 inadvertently treats the address of the geteuid function as if it is the return value of a call to geteuid, which allows local users to bypass intended restrictions and (1) execute arbitrary code via the -modulepath command line option or (2) overwrite arbitrary files via -logfile.
Published: 2006-03-21T02:00:00.000Z
Updated: 2024-08-07T16:48:55.745Z Reference links
|
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.