Known Vulnerabilities for products from Xfree86 Project
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Xfree86 Project".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2007-5760 | Array index error in the XFree86-Misc extension in X.Org Xserver before 1.4.1 allows context-dependent attackers to execute a... | 9.3 - HIGH | 2008-01-18 | 2018-10-15 |
| CVE-2007-1351 | Integer overflow in the bdfReadCharacters function in bdfread.c in (1) X.Org libXfont before 20070403 and (2) freetype 2.3.2 ... | 8.5 - HIGH | 2007-04-06 | 2018-10-16 |
| CVE-2006-6103 | Integer overflow in the ProcDbeSwapBuffers function in the DBE extension for X.Org 6.8.2, 6.9.0, 7.0, and 7.1, and XFree86 X ... | 6.6 - MEDIUM | 2006-12-31 | 2017-10-11 |
| CVE-2006-6102 | Integer overflow in the ProcDbeGetVisualInfo function in the DBE extension for X.Org 6.8.2, 6.9.0, 7.0, and 7.1, and XFree86 ... | 10 - HIGH | 2006-12-31 | 2017-10-11 |
| CVE-2006-6101 | Integer overflow in the ProcRenderAddGlyphs function in the Render extension for X.Org 6.8.2, 6.9.0, 7.0, and 7.1, and XFree8... | 6.6 - MEDIUM | 2006-12-31 | 2017-10-11 |
| CVE-2006-3740 | Integer overflow in the scan_cidfont function in X.Org 6.8.2 and XFree86 X server allows local users to execute arbitrary cod... | 7.2 - HIGH | 2006-09-13 | 2018-10-17 |
| CVE-2006-3739 | Integer overflow in the CIDAFM function in X.Org 6.8.2 and XFree86 X server allows local users to execute arbitrary code via ... | 7.2 - HIGH | 2006-09-13 | 2018-10-17 |
| CVE-2005-2495 | Multiple integer overflows in XFree86 before 4.3.0 allow user-assisted attackers to execute arbitrary code via a crafted pixm... | 5.1 - MEDIUM | 2005-09-15 | 2018-10-19 |
| CVE-2005-0605 | scan.c for LibXPM may allow attackers to execute arbitrary code via a negative bitmap_unit value that leads to a buffer overf... | 7.5 - HIGH | 2005-03-02 | 2018-10-03 |
| CVE-2004-0914 | Multiple vulnerabilities in libXpm for 6.8.1 and earlier, as used in XFree86 and other packages, include (1) multiple integer... | 10 - HIGH | 2005-01-10 | 2017-10-11 |
| CVE-2004-0688 | Multiple integer overflows in (1) the xpmParseColors function in parse.c, (2) XpmCreateImageFromXpmImage, (3) CreateXImage, (... | 7.5 - HIGH | 2004-10-20 | 2018-10-19 |
| CVE-2004-0687 | Multiple stack-based buffer overflows in (1) xpmParseColors in parse.c, (2) ParseAndPutPixels in create.c, and (3) ParsePixel... | 7.5 - HIGH | 2004-10-20 | 2023-01-20 |
| CVE-2004-0419 | XDM in XFree86 opens a chooserFd TCP socket even when DisplayManager.requestPort is 0, which could allow remote attackers to ... | 7.5 - HIGH | 2004-08-18 | 2017-10-11 |
| CVE-2004-0106 | Multiple unknown vulnerabilities in XFree86 4.1.0 to 4.3.0, related to improper handling of font files, a different set of vu... | 7.2 - HIGH | 2004-03-03 | 2017-10-11 |
| CVE-2004-0094 | Integer signedness errors in XFree86 4.1.0 allow remote attackers to cause a denial of service and possibly execute arbitrary... | 7.5 - HIGH | 2004-03-15 | 2017-10-10 |
| CVE-2004-0093 | XFree86 4.1.0 allows remote attackers to cause a denial of service and possibly execute arbitrary code via an out-of-bounds a... | 7.5 - HIGH | 2004-03-15 | 2017-10-10 |
| CVE-2004-0084 | Buffer overflow in the ReadFontAlias function in XFree86 4.1.0 to 4.3.0, when using the CopyISOLatin1Lowered function, allows... | 10 - HIGH | 2004-03-03 | 2017-10-11 |
| CVE-2004-0083 | Buffer overflow in ReadFontAlias from dirfile.c of XFree86 4.1.0 through 4.3.0 allows local users and remote attackers to exe... | 10 - HIGH | 2004-03-03 | 2017-10-11 |
| CVE-2003-0730 | Multiple integer overflows in the font libraries for XFree86 4.3.0 allow local or remote attackers to cause a denial of servi... | 7.5 - HIGH | 2003-10-20 | 2016-10-18 |
| CVE-2003-0071 | The DEC UDK processing feature in the xterm terminal emulator in XFree86 4.2.99.4 and earlier allows attackers to cause a den... | 2.1 - LOW | 2003-03-03 | 2016-10-18 |