Approved changes feed: RSS · Atom
cpe:2.3:a:x.org:xserver:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | X.Org (4cd053ee-09df-594a-873d-dbd09ec2f899) |
|---|---|
| Product | Xserver (b1a4c9fb-8e0b-54bb-866b-ce0206e46cef) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2008-0006 |
vulnerable | 2026-06-03 14:28:30.741095 |
Details available
Buffer overflow in (1) X.Org Xserver before 1.4.1, and (2) the libfont and libXfont libraries on some platforms including Sun Solaris, allows context-dependent attackers to execute arbitrary code via a PCF font with a large difference between the last col and first col values in the PCF_BDF_ENCODINGS table.
Published: 2008-01-18T22:00:00.000Z
Updated: 2024-08-07T07:32:23.335Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2007-6429 |
vulnerable | 2026-06-03 14:28:29.649303 |
Details available
Multiple integer overflows in X.Org Xserver before 1.4.1 allow context-dependent attackers to execute arbitrary code via (1) a GetVisualInfo request containing a 32-bit value that is improperly used to calculate an amount of memory for allocation by the EVI extension, or (2) a request containing values related to pixmap size that are improperly used in management of shared memory by the MIT-SHM extension.
Published: 2008-01-18T22:00:00.000Z
Updated: 2024-08-07T16:02:37.086Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2007-6428 |
vulnerable | 2026-06-03 14:28:29.645890 |
Details available
The ProcGetReservedColormapEntries function in the TOG-CUP extension in X.Org Xserver before 1.4.1 allows context-dependent attackers to read the contents of arbitrary memory locations via a request containing a 32-bit value that is improperly used as an array index.
Published: 2008-01-18T22:00:00.000Z
Updated: 2024-08-07T16:02:36.932Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2007-5958 |
vulnerable | 2026-06-03 14:28:28.171518 |
Details available
X.Org Xserver before 1.4.1 allows local users to determine the existence of arbitrary files via a filename argument in the -sp option to the X program, which produces different error messages depending on whether the filename exists.
Published: 2008-01-18T22:00:00.000Z
Updated: 2024-08-07T15:47:00.640Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2007-5760 |
vulnerable | 2026-06-03 14:28:27.814130 |
Details available
Array index error in the XFree86-Misc extension in X.Org Xserver before 1.4.1 allows context-dependent attackers to execute arbitrary code via a PassMessage request containing a large array index.
Published: 2008-01-18T22:00:00.000Z
Updated: 2024-08-07T15:39:13.754Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2007-2437 |
vulnerable | 2026-06-03 14:28:08.217437 |
Details available
The X render (Xrender) extension in X.org X Window System 7.0, 7.1, and 7.2, with Xserver 1.3.0 and earlier, allows remote authenticated users to cause a denial of service (daemon crash) via crafted values to the (1) XRenderCompositeTrapezoids and (2) XRenderAddTraps functions, which trigger a divide-by-zero error.
Published: 2007-05-02T10:00:00.000Z
Updated: 2024-08-07T13:42:33.444Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.