Search criteria
2 vulnerabilities by xfree86
CVE-2011-2504 (GCVE-0-2011-2504)
Vulnerability from cvelistv5 – Published: 2013-03-08 22:00 – Updated: 2024-08-06 23:00
VLAI
Summary
Untrusted search path vulnerability in x11perfcomp in XFree86 x11perf before 1.5.4 allows local users to gain privileges via unspecified Trojan horse code in the current working directory.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| http://rhn.redhat.com/errata/RHSA-2013-0502.html | vendor-advisoryx_refsource_REDHAT |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://lists.freedesktop.org/archives/xorg-announ… | mailing-listx_refsource_MLIST |
| http://www.securityfocus.com/bid/58082 | vdb-entryx_refsource_BID |
| https://bugzilla.redhat.com/show_bug.cgi?id=717672 | x_refsource_MISC |
Date Public
2011-07-27 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T23:00:34.233Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2013:0502",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-0502.html"
},
{
"name": "x11perf-priv-esc(82241)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/82241"
},
{
"name": "[xorg-announce] 20110727 [ANNOUNCE] x11perf 1.5.4",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.freedesktop.org/archives/xorg-announce/2011-July/001715.html"
},
{
"name": "58082",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/58082"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=717672"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-07-27T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Untrusted search path vulnerability in x11perfcomp in XFree86 x11perf before 1.5.4 allows local users to gain privileges via unspecified Trojan horse code in the current working directory."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "RHSA-2013:0502",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-0502.html"
},
{
"name": "x11perf-priv-esc(82241)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/82241"
},
{
"name": "[xorg-announce] 20110727 [ANNOUNCE] x11perf 1.5.4",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.freedesktop.org/archives/xorg-announce/2011-July/001715.html"
},
{
"name": "58082",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/58082"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=717672"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2011-2504",
"datePublished": "2013-03-08T22:00:00.000Z",
"dateReserved": "2011-06-15T00:00:00.000Z",
"dateUpdated": "2024-08-06T23:00:34.233Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-1699 (GCVE-0-2012-1699)
Vulnerability from cvelistv5 – Published: 2012-12-21 02:00 – Updated: 2024-08-06 19:08
VLAI
Summary
The ProcSetEventMask function in difs/events.c in the xfs font server for X.Org X11R6 through X11R6.6 and XFree86 before 3.3.3 calls the SendErrToClient function with a mask value instead of a pointer, which allows local users to cause a denial of service (memory corruption and crash) or obtain potentially sensitive information from memory via a SetEventMask request that triggers an invalid pointer dereference.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
7 references
| URL | Tags |
|---|---|
| https://oval.cisecurity.org/repository/search/def… | vdb-entrysignaturex_refsource_OVAL |
| http://twitter.com/bsdaemon/status/228958599790071809 | x_refsource_MISC |
| https://blogs.oracle.com/sunsecurity/entry/cve_20… | x_refsource_CONFIRM |
| http://marc.info/?l=bugtraq&m=135765511704334&w=2 | vendor-advisoryx_refsource_HP |
| https://bugzilla.redhat.com/show_bug.cgi?id=842841 | x_refsource_MISC |
| http://lists.freedesktop.org/archives/xorg-announ… | mailing-listx_refsource_MLIST |
| http://invisible-island.net/ansification/ansify-x… | x_refsource_MISC |
Date Public
2012-07-24 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T19:08:38.483Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "oval:org.mitre.oval:def:19369",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19369"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://twitter.com/bsdaemon/status/228958599790071809"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://blogs.oracle.com/sunsecurity/entry/cve_2012_1699_denial_of"
},
{
"name": "HPSBUX02829",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=135765511704334\u0026w=2"
},
{
"name": "SSRT100883",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=135765511704334\u0026w=2"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=842841"
},
{
"name": "[xorg-announce] 20120724 X.Org security advisory: DoS/info leak in xfs prior to X11R6.7/XFree86\t3.3.3",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.freedesktop.org/archives/xorg-announce/2012-July/002040.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://invisible-island.net/ansification/ansify-xfs-cve.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-07-24T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The ProcSetEventMask function in difs/events.c in the xfs font server for X.Org X11R6 through X11R6.6 and XFree86 before 3.3.3 calls the SendErrToClient function with a mask value instead of a pointer, which allows local users to cause a denial of service (memory corruption and crash) or obtain potentially sensitive information from memory via a SetEventMask request that triggers an invalid pointer dereference."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-18T12:57:01.000Z",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "oval:org.mitre.oval:def:19369",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19369"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://twitter.com/bsdaemon/status/228958599790071809"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://blogs.oracle.com/sunsecurity/entry/cve_2012_1699_denial_of"
},
{
"name": "HPSBUX02829",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=135765511704334\u0026w=2"
},
{
"name": "SSRT100883",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=135765511704334\u0026w=2"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=842841"
},
{
"name": "[xorg-announce] 20120724 X.Org security advisory: DoS/info leak in xfs prior to X11R6.7/XFree86\t3.3.3",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.freedesktop.org/archives/xorg-announce/2012-July/002040.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://invisible-island.net/ansification/ansify-xfs-cve.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2012-1699",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The ProcSetEventMask function in difs/events.c in the xfs font server for X.Org X11R6 through X11R6.6 and XFree86 before 3.3.3 calls the SendErrToClient function with a mask value instead of a pointer, which allows local users to cause a denial of service (memory corruption and crash) or obtain potentially sensitive information from memory via a SetEventMask request that triggers an invalid pointer dereference."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "oval:org.mitre.oval:def:19369",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19369"
},
{
"name": "http://twitter.com/bsdaemon/status/228958599790071809",
"refsource": "MISC",
"url": "http://twitter.com/bsdaemon/status/228958599790071809"
},
{
"name": "https://blogs.oracle.com/sunsecurity/entry/cve_2012_1699_denial_of",
"refsource": "CONFIRM",
"url": "https://blogs.oracle.com/sunsecurity/entry/cve_2012_1699_denial_of"
},
{
"name": "HPSBUX02829",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=135765511704334\u0026w=2"
},
{
"name": "SSRT100883",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=135765511704334\u0026w=2"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=842841",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=842841"
},
{
"name": "[xorg-announce] 20120724 X.Org security advisory: DoS/info leak in xfs prior to X11R6.7/XFree86\t3.3.3",
"refsource": "MLIST",
"url": "http://lists.freedesktop.org/archives/xorg-announce/2012-July/002040.html"
},
{
"name": "http://invisible-island.net/ansification/ansify-xfs-cve.html",
"refsource": "MISC",
"url": "http://invisible-island.net/ansification/ansify-xfs-cve.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2012-1699",
"datePublished": "2012-12-21T02:00:00.000Z",
"dateReserved": "2012-03-16T00:00:00.000Z",
"dateUpdated": "2024-08-06T19:08:38.483Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}