GCVE - cpe:2.3:a:x:x.org_x11:6.4:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:x:x.org_x11:6.4:*:*:*:*:*:*:*

part: a version: 6.4 update: *

Vendor	X (`a2acdb6f-4f26-543b-8294-d5d6397c9211`)
Product	X.Org X11 (`2397af2b-eed9-5b24-b58b-1ace6073846f`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2013-4396`	vulnerable	2026-06-03 14:33:11.504262	Details available Use-after-free vulnerability in the doImageText function in dix/dixfonts.c in the xorg-server module before 1.14.4 in X.Org X11 allows remote authenticated users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted ImageText request that triggers memory-allocation failure. Published: 2013-10-10T10:00:00.000Z Updated: 2024-08-06T16:45:12.730Z Open on db.gcve.eu Reference links http://lists.opensuse.org/opensuse-updates/2013-10/msg00056.html http://rhn.redhat.com/errata/RHSA-2013-1426.html http://lists.opensuse.org/opensuse-updates/2013-10/msg00060.html http://www.debian.org/security/2013/dsa-2784 http://www.ubuntu.com/usn/USN-1990-1	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2012-1699`	vulnerable	2026-06-03 14:31:44.229134	Details available The ProcSetEventMask function in difs/events.c in the xfs font server for X.Org X11R6 through X11R6.6 and XFree86 before 3.3.3 calls the SendErrToClient function with a mask value instead of a pointer, which allows local users to cause a denial of service (memory corruption and crash) or obtain potentially sensitive information from memory via a SetEventMask request that triggers an invalid pointer dereference. Published: 2012-12-21T02:00:00.000Z Updated: 2024-08-06T19:08:38.483Z Open on db.gcve.eu Reference links https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19369 http://twitter.com/bsdaemon/status/228958599790071809 https://blogs.oracle.com/sunsecurity/entry/cve_2012_1699_denial_of http://marc.info/?l=bugtraq&m=135765511704334&w=2 http://marc.info/?l=bugtraq&m=135765511704334&w=2	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2012-0064`	vulnerable	2026-06-03 14:31:29.075339	Details available xkeyboard-config before 2.5 in X.Org before 7.6 enables certain XKB debugging functions by default, which allows physically proximate attackers to bypass an X screen lock via keyboard combinations that break the input grab. Published: 2014-02-10T23:00:00.000Z Updated: 2024-08-06T18:16:18.454Z Open on db.gcve.eu Reference links http://gu1.aeroxteam.fr/2012/01/19/bypass-screensaver-locker-program-xorg-111-and-up/ http://who-t.blogspot.com/2012/01/xkb-breaking-grabs-cve-2012-0064.html http://lists.x.org/archives/xorg-devel/2012-January/028691.html http://securitytracker.com/id?1026549 http://www.osvdb.org/78445	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.