GCVE - cpe:2.3:a:x.org:x_server:1.11.0:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:x.org:x_server:1.11.0:*:*:*:*:*:*:*

part: a version: 1.11.0 update: *

Vendor	X.Org (`4cd053ee-09df-594a-873d-dbd09ec2f899`)
Product	X Server (`886aecb6-f1b2-5d3d-bfbf-bfb474c3b23f`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
`pkg:deb/debian/xserver-xorg-core`	purl2cpe	2026-06-01 10:14:02.410912
`pkg:deb/ubuntu/xserver-xorg-core`	purl2cpe	2026-06-01 10:14:02.410914
`pkg:github/freedesktop/xorg-xserver`	purl2cpe	2026-06-01 10:14:02.410915
`pkg:rpm/opensuse/xserver-xorg-core`	purl2cpe	2026-06-01 10:14:02.410917

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2014-8094`	vulnerable	2026-06-03 14:34:22.612281	Details available Integer overflow in the ProcDRI2GetBuffers function in the DRI2 extension in X.Org Server (aka xserver and xorg-server) 1.7.0 through 1.16.x before 1.16.3 allows remote authenticated users to cause a denial of service (crash) or possibly execute arbitrary code via a crafted request, which triggers an out-of-bounds read or write. Published: 2014-12-10T15:00:00.000Z Updated: 2024-08-06T13:10:49.952Z Open on db.gcve.eu Reference links http://www.debian.org/security/2014/dsa-3095 http://www.x.org/wiki/Development/Security/Advisory-2014-12-09/ http://advisories.mageia.org/MGASA-2014-0532.html https://security.gentoo.org/glsa/201504-06 http://www.securityfocus.com/bid/71601	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2011-4029`	vulnerable	2026-06-03 14:31:22.610523	Details available The LockServer function in os/utils.c in X.Org xserver before 1.11.2 allows local users to change the permissions of arbitrary files to 444, read those files, and possibly cause a denial of service (removed execution permission) via a symlink attack on a temporary lock file. Published: 2012-07-03T19:00:00.000Z Updated: 2024-09-17T03:18:31.736Z Open on db.gcve.eu Reference links http://lists.freedesktop.org/archives/xorg/2011-October/053680.html http://cgit.freedesktop.org/xorg/xserver/commit/?id=b67581cf825940fdf52bf2e0af4330e695d724a4 http://secunia.com/advisories/46460 http://rhn.redhat.com/errata/RHSA-2012-0939.html http://secunia.com/advisories/49579	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2011-4028`	vulnerable	2026-06-03 14:31:22.610062	Details available The LockServer function in os/utils.c in X.Org xserver before 1.11.2 allows local users to determine the existence of arbitrary files via a symlink attack on a temporary lock file, which is handled differently if the file exists. Published: 2012-07-03T19:00:00.000Z Updated: 2024-09-16T18:54:10.506Z Open on db.gcve.eu Reference links http://cgit.freedesktop.org/xorg/xserver/commit/?id=6ba44b91e37622ef8c146d8f2ac92d708a18ed34 http://lists.freedesktop.org/archives/xorg/2011-October/053680.html http://secunia.com/advisories/46460 http://rhn.redhat.com/errata/RHSA-2012-0939.html http://secunia.com/advisories/49579	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.