- Home
- CVEs with nessus.description==Updated x11-server packages fix security vulnerabilities :
Ilja van Sprundel of IOActive discovered several security issues in
the X.org X server, which may lead to privilege escalation or denial
of service (CVE-2014-8091, CVE-2014-8092, CVE-2014-8093,
CVE-2014-8094, CVE-2014-8095, CVE-2014-8096, CVE-2014-8097,
CVE-2014-8098, CVE-2014-8099, CVE-2014-8100, CVE-2014-8101,
CVE-2014-8102).
Olivier Fourdan from Red Hat has discovered a protocol handling issue
in the way the X server code base handles the XkbSetGeometry request,
where the server trusts the client to send valid string lengths. A
malicious client with string lengths exceeding the request length can
cause the server to copy adjacent memory data into the XKB structs.
This data is then available to the client via the XkbGetGeometry
request. This can lead to information disclosure issues, as well as
possibly a denial of service if a similar request can cause the server
to crash (CVE-2015-0255).
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top