Search

Find a vulnerability

Search criteria

    14 vulnerabilities found for x.org by x.org

    CVE-2010-4818 (GCVE-0-2010-4818)

    Vulnerability from nvd – Published: 2012-09-05 23:00 – Updated: 2024-08-07 04:02
    VLAI
    Summary
    The GLX extension in X.Org xserver 1.7.7 allows remote authenticated users to cause a denial of service (server crash) and possibly execute arbitrary code via (1) a crafted request that triggers a client swap in glx/glxcmdsswap.c; or (2) a crafted length or (3) a negative value in the screen field in a request to glx/glxcmds.c.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T04:02:29.487Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugs.freedesktop.org/show_bug.cgi?id=28823"
              },
              {
                "name": "[oss-security] 20110923 Re: CVE Request: Missing input sanitation in various X GLX calls",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2011/09/23/6"
              },
              {
                "name": "RHSA-2011:1359",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://rhn.redhat.com/errata/RHSA-2011-1359.html"
              },
              {
                "name": "RHSA-2011:1360",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://rhn.redhat.com/errata/RHSA-2011-1360.html"
              },
              {
                "name": "[oss-security] 20110923 Re: CVE Request: Missing input sanitation in various X GLX calls",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2011/09/23/4"
              },
              {
                "name": "[oss-security] 20110922 CVE Request: Missing input sanitation in various X GLX calls",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2011/09/22/7"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://cgit.freedesktop.org/xorg/xserver/commit?id=3f0d3f4d97bce75c1828635c322b6560a45a037f"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=740954"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://cgit.freedesktop.org/xorg/xserver/commit?id=ec9c97c6bf70b523bc500bd3adf62176f1bb33a4"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://cgit.freedesktop.org/xorg/xserver/commit?id=6c69235a9dfc52e4b4e47630ff4bab1a820eb543"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The GLX extension in X.Org xserver 1.7.7 allows remote authenticated users to cause a denial of service (server crash) and possibly execute arbitrary code via (1) a crafted request that triggers a client swap in glx/glxcmdsswap.c; or (2) a crafted length or (3) a negative value in the screen field in a request to glx/glxcmds.c."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2012-09-05T23:00:00.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugs.freedesktop.org/show_bug.cgi?id=28823"
            },
            {
              "name": "[oss-security] 20110923 Re: CVE Request: Missing input sanitation in various X GLX calls",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2011/09/23/6"
            },
            {
              "name": "RHSA-2011:1359",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://rhn.redhat.com/errata/RHSA-2011-1359.html"
            },
            {
              "name": "RHSA-2011:1360",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://rhn.redhat.com/errata/RHSA-2011-1360.html"
            },
            {
              "name": "[oss-security] 20110923 Re: CVE Request: Missing input sanitation in various X GLX calls",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2011/09/23/4"
            },
            {
              "name": "[oss-security] 20110922 CVE Request: Missing input sanitation in various X GLX calls",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2011/09/22/7"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://cgit.freedesktop.org/xorg/xserver/commit?id=3f0d3f4d97bce75c1828635c322b6560a45a037f"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=740954"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://cgit.freedesktop.org/xorg/xserver/commit?id=ec9c97c6bf70b523bc500bd3adf62176f1bb33a4"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://cgit.freedesktop.org/xorg/xserver/commit?id=6c69235a9dfc52e4b4e47630ff4bab1a820eb543"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2010-4818",
        "datePublished": "2012-09-05T23:00:00.000Z",
        "dateReserved": "2011-08-19T00:00:00.000Z",
        "dateUpdated": "2024-08-07T04:02:29.487Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-6103 (GCVE-0-2006-6103)

    Vulnerability from nvd – Published: 2007-01-09 23:00 – Updated: 2024-08-07 20:12
    VLAI
    Summary
    Integer overflow in the ProcDbeSwapBuffers function in the DBE extension for X.Org 6.8.2, 6.9.0, 7.0, and 7.1, and XFree86 X server, allows local users to execute arbitrary code via a crafted X protocol request that triggers memory corruption during processing of unspecified data structures.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.vupen.com/english/advisories/2007/0108 vdb-entryx_refsource_VUPEN
    http://www.vupen.com/english/advisories/2007/0669 vdb-entryx_refsource_VUPEN
    http://www.novell.com/linux/security/advisories/2… vendor-advisoryx_refsource_SUSE
    http://labs.idefense.com/intelligence/vulnerabili… third-party-advisoryx_refsource_IDEFENSE
    http://www.securityfocus.com/bid/21968 vdb-entryx_refsource_BID
    http://secunia.com/advisories/23789 third-party-advisoryx_refsource_SECUNIA
    http://h20000.www2.hp.com/bizsupport/TechSupport/… vendor-advisoryx_refsource_HP
    http://secunia.com/advisories/24168 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/23633 third-party-advisoryx_refsource_SECUNIA
    http://support.avaya.com/elmodocs2/security/ASA-2… x_refsource_CONFIRM
    http://secunia.com/advisories/23670 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/24401 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/23684 third-party-advisoryx_refsource_SECUNIA
    http://www.redhat.com/support/errata/RHSA-2007-00… vendor-advisoryx_refsource_REDHAT
    http://www.vupen.com/english/advisories/2007/0589 vdb-entryx_refsource_VUPEN
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    https://issues.rpath.com/browse/RPL-920 x_refsource_CONFIRM
    http://www.vupen.com/english/advisories/2007/0109 vdb-entryx_refsource_VUPEN
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    http://secunia.com/advisories/23966 third-party-advisoryx_refsource_SECUNIA
    http://security.gentoo.org/glsa/glsa-200701-25.xml vendor-advisoryx_refsource_GENTOO
    http://support.avaya.com/elmodocs2/security/ASA-2… x_refsource_CONFIRM
    http://secunia.com/advisories/23698 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/25802 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/23758 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/23705 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/23689 third-party-advisoryx_refsource_SECUNIA
    http://sunsolve.sun.com/search/document.do?assetk… vendor-advisoryx_refsource_SUNALERT
    http://securitytracker.com/id?1017495 vdb-entryx_refsource_SECTRACK
    http://secunia.com/advisories/24210 third-party-advisoryx_refsource_SECUNIA
    http://slackware.com/security/viewer.php?l=slackw… vendor-advisoryx_refsource_SLACKWARE
    http://www.redhat.com/support/errata/RHSA-2007-00… vendor-advisoryx_refsource_REDHAT
    http://ftp.netbsd.org/pub/NetBSD/security/advisor… vendor-advisoryx_refsource_NETBSD
    http://www.mandriva.com/security/advisories?name=… vendor-advisoryx_refsource_MANDRIVA
    https://www.debian.org/security/2007/dsa-1249 vendor-advisoryx_refsource_DEBIAN
    http://secunia.com/advisories/24247 third-party-advisoryx_refsource_SECUNIA
    http://lists.freedesktop.org/archives/xorg-announ… mailing-listx_refsource_MLIST
    http://www.ubuntu.com/usn/usn-403-1 vendor-advisoryx_refsource_UBUNTU
    http://www.vupen.com/english/advisories/2007/2233 vdb-entryx_refsource_VUPEN
    http://osvdb.org/32086 vdb-entryx_refsource_OSVDB
    Date Public
    2007-01-09 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T20:12:31.759Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "ADV-2007-0108",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/0108"
              },
              {
                "name": "ADV-2007-0669",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/0669"
              },
              {
                "name": "SUSE-SA:2007:008",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://www.novell.com/linux/security/advisories/2007_08_x.html"
              },
              {
                "name": "20070109 Multiple Vendor X Server DBE Extension ProcDbeSwapBuffers Memory Corruption Vulnerability",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_IDEFENSE",
                  "x_transferred"
                ],
                "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=465"
              },
              {
                "name": "21968",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/21968"
              },
              {
                "name": "23789",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/23789"
              },
              {
                "name": "HPSBUX02225",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_HP",
                  "x_transferred"
                ],
                "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c01075678"
              },
              {
                "name": "24168",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/24168"
              },
              {
                "name": "23633",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/23633"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-074.htm"
              },
              {
                "name": "23670",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/23670"
              },
              {
                "name": "24401",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/24401"
              },
              {
                "name": "23684",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/23684"
              },
              {
                "name": "RHSA-2007:0002",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2007-0002.html"
              },
              {
                "name": "ADV-2007-0589",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/0589"
              },
              {
                "name": "xorg-xserver-dbe-swap-overflow(31379)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31379"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://issues.rpath.com/browse/RPL-920"
              },
              {
                "name": "ADV-2007-0109",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/0109"
              },
              {
                "name": "oval:org.mitre.oval:def:11011",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11011"
              },
              {
                "name": "23966",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/23966"
              },
              {
                "name": "GLSA-200701-25",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "http://security.gentoo.org/glsa/glsa-200701-25.xml"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-066.htm"
              },
              {
                "name": "SSRT071295",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_HP",
                  "x_transferred"
                ],
                "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c01075678"
              },
              {
                "name": "23698",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/23698"
              },
              {
                "name": "25802",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/25802"
              },
              {
                "name": "23758",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/23758"
              },
              {
                "name": "23705",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/23705"
              },
              {
                "name": "23689",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/23689"
              },
              {
                "name": "102803",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUNALERT",
                  "x_transferred"
                ],
                "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102803-1"
              },
              {
                "name": "1017495",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1017495"
              },
              {
                "name": "24210",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/24210"
              },
              {
                "name": "SSA:2007-066-02",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SLACKWARE",
                  "x_transferred"
                ],
                "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.393555"
              },
              {
                "name": "RHSA-2007:0003",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2007-0003.html"
              },
              {
                "name": "NetBSD-SA2007-002",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_NETBSD",
                  "x_transferred"
                ],
                "url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2007-002.txt.asc"
              },
              {
                "name": "MDKSA-2007:005",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRIVA",
                  "x_transferred"
                ],
                "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:005"
              },
              {
                "name": "DSA-1249",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "https://www.debian.org/security/2007/dsa-1249"
              },
              {
                "name": "24247",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/24247"
              },
              {
                "name": "[x-org announce] 20070109 X.Org Security Advisory: multiple integer overflows in dbe and render extensions",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://lists.freedesktop.org/archives/xorg-announce/2007-January/000235.html"
              },
              {
                "name": "USN-403-1",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
                  "x_transferred"
                ],
                "url": "http://www.ubuntu.com/usn/usn-403-1"
              },
              {
                "name": "ADV-2007-2233",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/2233"
              },
              {
                "name": "32086",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/32086"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-01-09T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Integer overflow in the ProcDbeSwapBuffers function in the DBE extension for X.Org 6.8.2, 6.9.0, 7.0, and 7.1, and XFree86 X server, allows local users to execute arbitrary code via a crafted X protocol request that triggers memory corruption during processing of unspecified data structures."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-10-10T00:57:01.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "ADV-2007-0108",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/0108"
            },
            {
              "name": "ADV-2007-0669",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/0669"
            },
            {
              "name": "SUSE-SA:2007:008",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://www.novell.com/linux/security/advisories/2007_08_x.html"
            },
            {
              "name": "20070109 Multiple Vendor X Server DBE Extension ProcDbeSwapBuffers Memory Corruption Vulnerability",
              "tags": [
                "third-party-advisory",
                "x_refsource_IDEFENSE"
              ],
              "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=465"
            },
            {
              "name": "21968",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/21968"
            },
            {
              "name": "23789",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/23789"
            },
            {
              "name": "HPSBUX02225",
              "tags": [
                "vendor-advisory",
                "x_refsource_HP"
              ],
              "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c01075678"
            },
            {
              "name": "24168",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/24168"
            },
            {
              "name": "23633",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/23633"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-074.htm"
            },
            {
              "name": "23670",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/23670"
            },
            {
              "name": "24401",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/24401"
            },
            {
              "name": "23684",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/23684"
            },
            {
              "name": "RHSA-2007:0002",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2007-0002.html"
            },
            {
              "name": "ADV-2007-0589",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/0589"
            },
            {
              "name": "xorg-xserver-dbe-swap-overflow(31379)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31379"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://issues.rpath.com/browse/RPL-920"
            },
            {
              "name": "ADV-2007-0109",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/0109"
            },
            {
              "name": "oval:org.mitre.oval:def:11011",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11011"
            },
            {
              "name": "23966",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/23966"
            },
            {
              "name": "GLSA-200701-25",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "http://security.gentoo.org/glsa/glsa-200701-25.xml"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-066.htm"
            },
            {
              "name": "SSRT071295",
              "tags": [
                "vendor-advisory",
                "x_refsource_HP"
              ],
              "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c01075678"
            },
            {
              "name": "23698",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/23698"
            },
            {
              "name": "25802",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/25802"
            },
            {
              "name": "23758",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/23758"
            },
            {
              "name": "23705",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/23705"
            },
            {
              "name": "23689",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/23689"
            },
            {
              "name": "102803",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUNALERT"
              ],
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102803-1"
            },
            {
              "name": "1017495",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1017495"
            },
            {
              "name": "24210",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/24210"
            },
            {
              "name": "SSA:2007-066-02",
              "tags": [
                "vendor-advisory",
                "x_refsource_SLACKWARE"
              ],
              "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.393555"
            },
            {
              "name": "RHSA-2007:0003",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2007-0003.html"
            },
            {
              "name": "NetBSD-SA2007-002",
              "tags": [
                "vendor-advisory",
                "x_refsource_NETBSD"
              ],
              "url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2007-002.txt.asc"
            },
            {
              "name": "MDKSA-2007:005",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRIVA"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:005"
            },
            {
              "name": "DSA-1249",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "https://www.debian.org/security/2007/dsa-1249"
            },
            {
              "name": "24247",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/24247"
            },
            {
              "name": "[x-org announce] 20070109 X.Org Security Advisory: multiple integer overflows in dbe and render extensions",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://lists.freedesktop.org/archives/xorg-announce/2007-January/000235.html"
            },
            {
              "name": "USN-403-1",
              "tags": [
                "vendor-advisory",
                "x_refsource_UBUNTU"
              ],
              "url": "http://www.ubuntu.com/usn/usn-403-1"
            },
            {
              "name": "ADV-2007-2233",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/2233"
            },
            {
              "name": "32086",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/32086"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2006-6103",
        "datePublished": "2007-01-09T23:00:00.000Z",
        "dateReserved": "2006-11-24T00:00:00.000Z",
        "dateUpdated": "2024-08-07T20:12:31.759Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-6101 (GCVE-0-2006-6101)

    Vulnerability from nvd – Published: 2007-01-09 23:00 – Updated: 2024-08-07 20:12
    VLAI
    Summary
    Integer overflow in the ProcRenderAddGlyphs function in the Render extension for X.Org 6.8.2, 6.9.0, 7.0, and 7.1, and XFree86 X server, allows local users to execute arbitrary code via a crafted X protocol request that triggers memory corruption during processing of glyph management data structures.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.vupen.com/english/advisories/2007/0108 vdb-entryx_refsource_VUPEN
    http://www.vupen.com/english/advisories/2007/0669 vdb-entryx_refsource_VUPEN
    http://www.novell.com/linux/security/advisories/2… vendor-advisoryx_refsource_SUSE
    http://www.securityfocus.com/bid/21968 vdb-entryx_refsource_BID
    http://secunia.com/advisories/23789 third-party-advisoryx_refsource_SECUNIA
    http://h20000.www2.hp.com/bizsupport/TechSupport/… vendor-advisoryx_refsource_HP
    http://secunia.com/advisories/24168 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/23633 third-party-advisoryx_refsource_SECUNIA
    http://support.avaya.com/elmodocs2/security/ASA-2… x_refsource_CONFIRM
    http://secunia.com/advisories/23670 third-party-advisoryx_refsource_SECUNIA
    http://osvdb.org/32084 vdb-entryx_refsource_OSVDB
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://secunia.com/advisories/24401 third-party-advisoryx_refsource_SECUNIA
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    http://secunia.com/advisories/23684 third-party-advisoryx_refsource_SECUNIA
    http://www.redhat.com/support/errata/RHSA-2007-00… vendor-advisoryx_refsource_REDHAT
    http://www.vupen.com/english/advisories/2007/0589 vdb-entryx_refsource_VUPEN
    https://issues.rpath.com/browse/RPL-920 x_refsource_CONFIRM
    http://labs.idefense.com/intelligence/vulnerabili… third-party-advisoryx_refsource_IDEFENSE
    http://www.vupen.com/english/advisories/2007/0109 vdb-entryx_refsource_VUPEN
    http://secunia.com/advisories/23966 third-party-advisoryx_refsource_SECUNIA
    http://security.gentoo.org/glsa/glsa-200701-25.xml vendor-advisoryx_refsource_GENTOO
    http://support.avaya.com/elmodocs2/security/ASA-2… x_refsource_CONFIRM
    http://secunia.com/advisories/23698 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/25802 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/23758 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/23705 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/23689 third-party-advisoryx_refsource_SECUNIA
    http://sunsolve.sun.com/search/document.do?assetk… vendor-advisoryx_refsource_SUNALERT
    http://securitytracker.com/id?1017495 vdb-entryx_refsource_SECTRACK
    http://secunia.com/advisories/24210 third-party-advisoryx_refsource_SECUNIA
    http://slackware.com/security/viewer.php?l=slackw… vendor-advisoryx_refsource_SLACKWARE
    http://www.redhat.com/support/errata/RHSA-2007-00… vendor-advisoryx_refsource_REDHAT
    http://ftp.netbsd.org/pub/NetBSD/security/advisor… vendor-advisoryx_refsource_NETBSD
    http://www.mandriva.com/security/advisories?name=… vendor-advisoryx_refsource_MANDRIVA
    https://www.debian.org/security/2007/dsa-1249 vendor-advisoryx_refsource_DEBIAN
    http://secunia.com/advisories/24247 third-party-advisoryx_refsource_SECUNIA
    http://lists.freedesktop.org/archives/xorg-announ… mailing-listx_refsource_MLIST
    http://www.ubuntu.com/usn/usn-403-1 vendor-advisoryx_refsource_UBUNTU
    http://www.vupen.com/english/advisories/2007/2233 vdb-entryx_refsource_VUPEN
    Date Public
    2007-01-09 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T20:12:31.636Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "ADV-2007-0108",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/0108"
              },
              {
                "name": "ADV-2007-0669",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/0669"
              },
              {
                "name": "SUSE-SA:2007:008",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://www.novell.com/linux/security/advisories/2007_08_x.html"
              },
              {
                "name": "21968",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/21968"
              },
              {
                "name": "23789",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/23789"
              },
              {
                "name": "HPSBUX02225",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_HP",
                  "x_transferred"
                ],
                "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c01075678"
              },
              {
                "name": "24168",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/24168"
              },
              {
                "name": "23633",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/23633"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-074.htm"
              },
              {
                "name": "23670",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/23670"
              },
              {
                "name": "32084",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/32084"
              },
              {
                "name": "xorg-xserver-render-overflow(31337)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31337"
              },
              {
                "name": "24401",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/24401"
              },
              {
                "name": "oval:org.mitre.oval:def:10490",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10490"
              },
              {
                "name": "23684",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/23684"
              },
              {
                "name": "RHSA-2007:0002",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2007-0002.html"
              },
              {
                "name": "ADV-2007-0589",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/0589"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://issues.rpath.com/browse/RPL-920"
              },
              {
                "name": "20070109 Multiple Vendor X Server Render Extension ProcRenderAddGlyphs Memory Corruption Vulnerability",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_IDEFENSE",
                  "x_transferred"
                ],
                "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=463"
              },
              {
                "name": "ADV-2007-0109",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/0109"
              },
              {
                "name": "23966",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/23966"
              },
              {
                "name": "GLSA-200701-25",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "http://security.gentoo.org/glsa/glsa-200701-25.xml"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-066.htm"
              },
              {
                "name": "SSRT071295",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_HP",
                  "x_transferred"
                ],
                "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c01075678"
              },
              {
                "name": "23698",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/23698"
              },
              {
                "name": "25802",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/25802"
              },
              {
                "name": "23758",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/23758"
              },
              {
                "name": "23705",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/23705"
              },
              {
                "name": "23689",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/23689"
              },
              {
                "name": "102803",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUNALERT",
                  "x_transferred"
                ],
                "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102803-1"
              },
              {
                "name": "1017495",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1017495"
              },
              {
                "name": "24210",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/24210"
              },
              {
                "name": "SSA:2007-066-02",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SLACKWARE",
                  "x_transferred"
                ],
                "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.393555"
              },
              {
                "name": "RHSA-2007:0003",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2007-0003.html"
              },
              {
                "name": "NetBSD-SA2007-002",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_NETBSD",
                  "x_transferred"
                ],
                "url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2007-002.txt.asc"
              },
              {
                "name": "MDKSA-2007:005",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRIVA",
                  "x_transferred"
                ],
                "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:005"
              },
              {
                "name": "DSA-1249",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "https://www.debian.org/security/2007/dsa-1249"
              },
              {
                "name": "24247",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/24247"
              },
              {
                "name": "[x-org announce] 20070109 X.Org Security Advisory: multiple integer overflows in dbe and render extensions",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://lists.freedesktop.org/archives/xorg-announce/2007-January/000235.html"
              },
              {
                "name": "USN-403-1",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
                  "x_transferred"
                ],
                "url": "http://www.ubuntu.com/usn/usn-403-1"
              },
              {
                "name": "ADV-2007-2233",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/2233"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-01-09T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Integer overflow in the ProcRenderAddGlyphs function in the Render extension for X.Org 6.8.2, 6.9.0, 7.0, and 7.1, and XFree86 X server, allows local users to execute arbitrary code via a crafted X protocol request that triggers memory corruption during processing of glyph management data structures."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-10-10T00:57:01.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "ADV-2007-0108",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/0108"
            },
            {
              "name": "ADV-2007-0669",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/0669"
            },
            {
              "name": "SUSE-SA:2007:008",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://www.novell.com/linux/security/advisories/2007_08_x.html"
            },
            {
              "name": "21968",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/21968"
            },
            {
              "name": "23789",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/23789"
            },
            {
              "name": "HPSBUX02225",
              "tags": [
                "vendor-advisory",
                "x_refsource_HP"
              ],
              "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c01075678"
            },
            {
              "name": "24168",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/24168"
            },
            {
              "name": "23633",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/23633"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-074.htm"
            },
            {
              "name": "23670",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/23670"
            },
            {
              "name": "32084",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/32084"
            },
            {
              "name": "xorg-xserver-render-overflow(31337)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31337"
            },
            {
              "name": "24401",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/24401"
            },
            {
              "name": "oval:org.mitre.oval:def:10490",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10490"
            },
            {
              "name": "23684",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/23684"
            },
            {
              "name": "RHSA-2007:0002",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2007-0002.html"
            },
            {
              "name": "ADV-2007-0589",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/0589"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://issues.rpath.com/browse/RPL-920"
            },
            {
              "name": "20070109 Multiple Vendor X Server Render Extension ProcRenderAddGlyphs Memory Corruption Vulnerability",
              "tags": [
                "third-party-advisory",
                "x_refsource_IDEFENSE"
              ],
              "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=463"
            },
            {
              "name": "ADV-2007-0109",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/0109"
            },
            {
              "name": "23966",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/23966"
            },
            {
              "name": "GLSA-200701-25",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "http://security.gentoo.org/glsa/glsa-200701-25.xml"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-066.htm"
            },
            {
              "name": "SSRT071295",
              "tags": [
                "vendor-advisory",
                "x_refsource_HP"
              ],
              "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c01075678"
            },
            {
              "name": "23698",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/23698"
            },
            {
              "name": "25802",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/25802"
            },
            {
              "name": "23758",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/23758"
            },
            {
              "name": "23705",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/23705"
            },
            {
              "name": "23689",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/23689"
            },
            {
              "name": "102803",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUNALERT"
              ],
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102803-1"
            },
            {
              "name": "1017495",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1017495"
            },
            {
              "name": "24210",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/24210"
            },
            {
              "name": "SSA:2007-066-02",
              "tags": [
                "vendor-advisory",
                "x_refsource_SLACKWARE"
              ],
              "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.393555"
            },
            {
              "name": "RHSA-2007:0003",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2007-0003.html"
            },
            {
              "name": "NetBSD-SA2007-002",
              "tags": [
                "vendor-advisory",
                "x_refsource_NETBSD"
              ],
              "url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2007-002.txt.asc"
            },
            {
              "name": "MDKSA-2007:005",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRIVA"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:005"
            },
            {
              "name": "DSA-1249",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "https://www.debian.org/security/2007/dsa-1249"
            },
            {
              "name": "24247",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/24247"
            },
            {
              "name": "[x-org announce] 20070109 X.Org Security Advisory: multiple integer overflows in dbe and render extensions",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://lists.freedesktop.org/archives/xorg-announce/2007-January/000235.html"
            },
            {
              "name": "USN-403-1",
              "tags": [
                "vendor-advisory",
                "x_refsource_UBUNTU"
              ],
              "url": "http://www.ubuntu.com/usn/usn-403-1"
            },
            {
              "name": "ADV-2007-2233",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/2233"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2006-6101",
        "datePublished": "2007-01-09T23:00:00.000Z",
        "dateReserved": "2006-11-24T00:00:00.000Z",
        "dateUpdated": "2024-08-07T20:12:31.636Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-6102 (GCVE-0-2006-6102)

    Vulnerability from nvd – Published: 2007-01-09 23:00 – Updated: 2024-08-07 20:12
    VLAI
    Summary
    Integer overflow in the ProcDbeGetVisualInfo function in the DBE extension for X.Org 6.8.2, 6.9.0, 7.0, and 7.1, and XFree86 X server, allows local users to execute arbitrary code via a crafted X protocol request that triggers memory corruption during processing of unspecified data structures.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.vupen.com/english/advisories/2007/0108 vdb-entryx_refsource_VUPEN
    http://www.vupen.com/english/advisories/2007/0669 vdb-entryx_refsource_VUPEN
    http://www.novell.com/linux/security/advisories/2… vendor-advisoryx_refsource_SUSE
    http://www.securityfocus.com/bid/21968 vdb-entryx_refsource_BID
    http://secunia.com/advisories/23789 third-party-advisoryx_refsource_SECUNIA
    http://h20000.www2.hp.com/bizsupport/TechSupport/… vendor-advisoryx_refsource_HP
    http://secunia.com/advisories/24168 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/23633 third-party-advisoryx_refsource_SECUNIA
    http://support.avaya.com/elmodocs2/security/ASA-2… x_refsource_CONFIRM
    http://secunia.com/advisories/23670 third-party-advisoryx_refsource_SECUNIA
    http://labs.idefense.com/intelligence/vulnerabili… third-party-advisoryx_refsource_IDEFENSE
    http://secunia.com/advisories/24401 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/23684 third-party-advisoryx_refsource_SECUNIA
    http://www.redhat.com/support/errata/RHSA-2007-00… vendor-advisoryx_refsource_REDHAT
    http://www.vupen.com/english/advisories/2007/0589 vdb-entryx_refsource_VUPEN
    https://issues.rpath.com/browse/RPL-920 x_refsource_CONFIRM
    http://www.vupen.com/english/advisories/2007/0109 vdb-entryx_refsource_VUPEN
    http://secunia.com/advisories/23966 third-party-advisoryx_refsource_SECUNIA
    http://security.gentoo.org/glsa/glsa-200701-25.xml vendor-advisoryx_refsource_GENTOO
    http://support.avaya.com/elmodocs2/security/ASA-2… x_refsource_CONFIRM
    http://secunia.com/advisories/23698 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/25802 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/23758 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/23705 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/23689 third-party-advisoryx_refsource_SECUNIA
    http://sunsolve.sun.com/search/document.do?assetk… vendor-advisoryx_refsource_SUNALERT
    http://securitytracker.com/id?1017495 vdb-entryx_refsource_SECTRACK
    http://secunia.com/advisories/24210 third-party-advisoryx_refsource_SECUNIA
    http://slackware.com/security/viewer.php?l=slackw… vendor-advisoryx_refsource_SLACKWARE
    http://www.redhat.com/support/errata/RHSA-2007-00… vendor-advisoryx_refsource_REDHAT
    http://ftp.netbsd.org/pub/NetBSD/security/advisor… vendor-advisoryx_refsource_NETBSD
    http://www.mandriva.com/security/advisories?name=… vendor-advisoryx_refsource_MANDRIVA
    https://www.debian.org/security/2007/dsa-1249 vendor-advisoryx_refsource_DEBIAN
    http://secunia.com/advisories/24247 third-party-advisoryx_refsource_SECUNIA
    http://lists.freedesktop.org/archives/xorg-announ… mailing-listx_refsource_MLIST
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    http://www.ubuntu.com/usn/usn-403-1 vendor-advisoryx_refsource_UBUNTU
    http://www.vupen.com/english/advisories/2007/2233 vdb-entryx_refsource_VUPEN
    http://osvdb.org/32085 vdb-entryx_refsource_OSVDB
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    Date Public
    2007-01-09 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T20:12:31.657Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "ADV-2007-0108",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/0108"
              },
              {
                "name": "ADV-2007-0669",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/0669"
              },
              {
                "name": "SUSE-SA:2007:008",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://www.novell.com/linux/security/advisories/2007_08_x.html"
              },
              {
                "name": "21968",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/21968"
              },
              {
                "name": "23789",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/23789"
              },
              {
                "name": "HPSBUX02225",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_HP",
                  "x_transferred"
                ],
                "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c01075678"
              },
              {
                "name": "24168",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/24168"
              },
              {
                "name": "23633",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/23633"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-074.htm"
              },
              {
                "name": "23670",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/23670"
              },
              {
                "name": "20070109 Multiple Vendor X Server DBE Extension ProcDbeGetVisualInfo Memory Corruption Vulnerability",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_IDEFENSE",
                  "x_transferred"
                ],
                "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=464"
              },
              {
                "name": "24401",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/24401"
              },
              {
                "name": "23684",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/23684"
              },
              {
                "name": "RHSA-2007:0002",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2007-0002.html"
              },
              {
                "name": "ADV-2007-0589",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/0589"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://issues.rpath.com/browse/RPL-920"
              },
              {
                "name": "ADV-2007-0109",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/0109"
              },
              {
                "name": "23966",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/23966"
              },
              {
                "name": "GLSA-200701-25",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "http://security.gentoo.org/glsa/glsa-200701-25.xml"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-066.htm"
              },
              {
                "name": "SSRT071295",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_HP",
                  "x_transferred"
                ],
                "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c01075678"
              },
              {
                "name": "23698",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/23698"
              },
              {
                "name": "25802",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/25802"
              },
              {
                "name": "23758",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/23758"
              },
              {
                "name": "23705",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/23705"
              },
              {
                "name": "23689",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/23689"
              },
              {
                "name": "102803",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUNALERT",
                  "x_transferred"
                ],
                "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102803-1"
              },
              {
                "name": "1017495",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1017495"
              },
              {
                "name": "24210",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/24210"
              },
              {
                "name": "SSA:2007-066-02",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SLACKWARE",
                  "x_transferred"
                ],
                "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.393555"
              },
              {
                "name": "RHSA-2007:0003",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2007-0003.html"
              },
              {
                "name": "NetBSD-SA2007-002",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_NETBSD",
                  "x_transferred"
                ],
                "url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2007-002.txt.asc"
              },
              {
                "name": "MDKSA-2007:005",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRIVA",
                  "x_transferred"
                ],
                "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:005"
              },
              {
                "name": "DSA-1249",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "https://www.debian.org/security/2007/dsa-1249"
              },
              {
                "name": "24247",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/24247"
              },
              {
                "name": "[x-org announce] 20070109 X.Org Security Advisory: multiple integer overflows in dbe and render extensions",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://lists.freedesktop.org/archives/xorg-announce/2007-January/000235.html"
              },
              {
                "name": "oval:org.mitre.oval:def:9991",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9991"
              },
              {
                "name": "USN-403-1",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
                  "x_transferred"
                ],
                "url": "http://www.ubuntu.com/usn/usn-403-1"
              },
              {
                "name": "ADV-2007-2233",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/2233"
              },
              {
                "name": "32085",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/32085"
              },
              {
                "name": "xorg-xserver-dbe-overflow(31376)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31376"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-01-09T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Integer overflow in the ProcDbeGetVisualInfo function in the DBE extension for X.Org 6.8.2, 6.9.0, 7.0, and 7.1, and XFree86 X server, allows local users to execute arbitrary code via a crafted X protocol request that triggers memory corruption during processing of unspecified data structures."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-10-10T00:57:01.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "ADV-2007-0108",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/0108"
            },
            {
              "name": "ADV-2007-0669",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/0669"
            },
            {
              "name": "SUSE-SA:2007:008",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://www.novell.com/linux/security/advisories/2007_08_x.html"
            },
            {
              "name": "21968",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/21968"
            },
            {
              "name": "23789",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/23789"
            },
            {
              "name": "HPSBUX02225",
              "tags": [
                "vendor-advisory",
                "x_refsource_HP"
              ],
              "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c01075678"
            },
            {
              "name": "24168",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/24168"
            },
            {
              "name": "23633",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/23633"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-074.htm"
            },
            {
              "name": "23670",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/23670"
            },
            {
              "name": "20070109 Multiple Vendor X Server DBE Extension ProcDbeGetVisualInfo Memory Corruption Vulnerability",
              "tags": [
                "third-party-advisory",
                "x_refsource_IDEFENSE"
              ],
              "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=464"
            },
            {
              "name": "24401",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/24401"
            },
            {
              "name": "23684",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/23684"
            },
            {
              "name": "RHSA-2007:0002",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2007-0002.html"
            },
            {
              "name": "ADV-2007-0589",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/0589"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://issues.rpath.com/browse/RPL-920"
            },
            {
              "name": "ADV-2007-0109",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/0109"
            },
            {
              "name": "23966",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/23966"
            },
            {
              "name": "GLSA-200701-25",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "http://security.gentoo.org/glsa/glsa-200701-25.xml"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-066.htm"
            },
            {
              "name": "SSRT071295",
              "tags": [
                "vendor-advisory",
                "x_refsource_HP"
              ],
              "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c01075678"
            },
            {
              "name": "23698",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/23698"
            },
            {
              "name": "25802",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/25802"
            },
            {
              "name": "23758",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/23758"
            },
            {
              "name": "23705",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/23705"
            },
            {
              "name": "23689",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/23689"
            },
            {
              "name": "102803",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUNALERT"
              ],
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102803-1"
            },
            {
              "name": "1017495",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1017495"
            },
            {
              "name": "24210",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/24210"
            },
            {
              "name": "SSA:2007-066-02",
              "tags": [
                "vendor-advisory",
                "x_refsource_SLACKWARE"
              ],
              "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.393555"
            },
            {
              "name": "RHSA-2007:0003",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2007-0003.html"
            },
            {
              "name": "NetBSD-SA2007-002",
              "tags": [
                "vendor-advisory",
                "x_refsource_NETBSD"
              ],
              "url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2007-002.txt.asc"
            },
            {
              "name": "MDKSA-2007:005",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRIVA"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:005"
            },
            {
              "name": "DSA-1249",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "https://www.debian.org/security/2007/dsa-1249"
            },
            {
              "name": "24247",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/24247"
            },
            {
              "name": "[x-org announce] 20070109 X.Org Security Advisory: multiple integer overflows in dbe and render extensions",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://lists.freedesktop.org/archives/xorg-announce/2007-January/000235.html"
            },
            {
              "name": "oval:org.mitre.oval:def:9991",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9991"
            },
            {
              "name": "USN-403-1",
              "tags": [
                "vendor-advisory",
                "x_refsource_UBUNTU"
              ],
              "url": "http://www.ubuntu.com/usn/usn-403-1"
            },
            {
              "name": "ADV-2007-2233",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/2233"
            },
            {
              "name": "32085",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/32085"
            },
            {
              "name": "xorg-xserver-dbe-overflow(31376)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31376"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2006-6102",
        "datePublished": "2007-01-09T23:00:00.000Z",
        "dateReserved": "2006-11-24T00:00:00.000Z",
        "dateUpdated": "2024-08-07T20:12:31.657Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-3740 (GCVE-0-2006-3740)

    Vulnerability from nvd – Published: 2006-09-13 01:00 – Updated: 2024-08-07 18:39
    VLAI
    Summary
    Integer overflow in the scan_cidfont function in X.Org 6.8.2 and XFree86 X server allows local users to execute arbitrary code via crafted (1) CMap and (2) CIDFont font data with modified item counts in the (a) begincodespacerange, (b) cidrange, and (c) notdefrange sections.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://secunia.com/advisories/23907 third-party-advisoryx_refsource_SECUNIA
    http://www.redhat.com/support/errata/RHSA-2006-06… vendor-advisoryx_refsource_REDHAT
    http://support.avaya.com/elmodocs2/security/ASA-2… x_refsource_CONFIRM
    http://secunia.com/advisories/21900 third-party-advisoryx_refsource_SECUNIA
    http://www.mandriva.com/security/advisories?name=… vendor-advisoryx_refsource_MANDRIVA
    http://secunia.com/advisories/21904 third-party-advisoryx_refsource_SECUNIA
    http://www.novell.com/linux/security/advisories/2… vendor-advisoryx_refsource_SUSE
    http://secunia.com/advisories/21864 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/21894 third-party-advisoryx_refsource_SECUNIA
    http://www.ubuntu.com/usn/usn-344-1 vendor-advisoryx_refsource_UBUNTU
    http://secunia.com/advisories/21889 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/21908 third-party-advisoryx_refsource_SECUNIA
    http://www.redhat.com/support/errata/RHSA-2006-06… vendor-advisoryx_refsource_REDHAT
    http://secunia.com/advisories/22141 third-party-advisoryx_refsource_SECUNIA
    http://support.avaya.com/elmodocs2/security/ASA-2… x_refsource_CONFIRM
    http://www.vupen.com/english/advisories/2007/1171 vdb-entryx_refsource_VUPEN
    http://www.debian.org/security/2006/dsa-1193 vendor-advisoryx_refsource_DEBIAN
    http://secunia.com/advisories/22080 third-party-advisoryx_refsource_SECUNIA
    https://issues.rpath.com/browse/RPL-614 x_refsource_CONFIRM
    http://www.vmware.com/support/esx25/doc/esx-254-2… x_refsource_CONFIRM
    http://secunia.com/advisories/22332 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/22560 third-party-advisoryx_refsource_SECUNIA
    http://www.securityfocus.com/archive/1/464268/100… mailing-listx_refsource_BUGTRAQ
    http://secunia.com/advisories/23033 third-party-advisoryx_refsource_SECUNIA
    http://www.securityfocus.com/archive/1/445812/100… mailing-listx_refsource_BUGTRAQ
    http://www.idefense.com/intelligence/vulnerabilit… third-party-advisoryx_refsource_IDEFENSE
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    http://security.gentoo.org/glsa/glsa-200609-07.xml vendor-advisoryx_refsource_GENTOO
    http://sunsolve.sun.com/search/document.do?assetk… vendor-advisoryx_refsource_SUNALERT
    http://secunia.com/advisories/24636 third-party-advisoryx_refsource_SECUNIA
    http://www.vupen.com/english/advisories/2007/0322 vdb-entryx_refsource_VUPEN
    http://secunia.com/advisories/21890 third-party-advisoryx_refsource_SECUNIA
    http://www.securityfocus.com/bid/19974 vdb-entryx_refsource_BID
    http://securitytracker.com/id?1016828 vdb-entryx_refsource_SECTRACK
    http://www.vupen.com/english/advisories/2006/3581 vdb-entryx_refsource_VUPEN
    http://secunia.com/advisories/21924 third-party-advisoryx_refsource_SECUNIA
    http://www.vupen.com/english/advisories/2006/3582 vdb-entryx_refsource_VUPEN
    http://secunia.com/advisories/23899 third-party-advisoryx_refsource_SECUNIA
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    Date Public
    2006-09-12 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T18:39:54.017Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "23907",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/23907"
              },
              {
                "name": "RHSA-2006:0666",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2006-0666.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-191.htm"
              },
              {
                "name": "21900",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/21900"
              },
              {
                "name": "MDKSA-2006:164",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRIVA",
                  "x_transferred"
                ],
                "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:164"
              },
              {
                "name": "21904",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/21904"
              },
              {
                "name": "SUSE-SR:2006:023",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://www.novell.com/linux/security/advisories/2006_23_sr.html"
              },
              {
                "name": "21864",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/21864"
              },
              {
                "name": "21894",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/21894"
              },
              {
                "name": "USN-344-1",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
                  "x_transferred"
                ],
                "url": "http://www.ubuntu.com/usn/usn-344-1"
              },
              {
                "name": "21889",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/21889"
              },
              {
                "name": "21908",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/21908"
              },
              {
                "name": "RHSA-2006:0665",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2006-0665.html"
              },
              {
                "name": "22141",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/22141"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-190.htm"
              },
              {
                "name": "ADV-2007-1171",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/1171"
              },
              {
                "name": "DSA-1193",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2006/dsa-1193"
              },
              {
                "name": "22080",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/22080"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://issues.rpath.com/browse/RPL-614"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.vmware.com/support/esx25/doc/esx-254-200702-patch.html"
              },
              {
                "name": "22332",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/22332"
              },
              {
                "name": "22560",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/22560"
              },
              {
                "name": "20070330 VMSA-2007-0002 VMware ESX security updates",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/464268/100/0/threaded"
              },
              {
                "name": "23033",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/23033"
              },
              {
                "name": "20060912 rPSA-2006-0167-1 xorg-x11 xorg-x11-fonts xorg-x11-tools xorg-x11-xfs",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/445812/100/0/threaded"
              },
              {
                "name": "20060912 Multiple Vendor X Server CID-keyed Fonts \u0027scan_cidfont()\u0027 Integer Overflow Vulnerability",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_IDEFENSE",
                  "x_transferred"
                ],
                "url": "http://www.idefense.com/intelligence/vulnerabilities/display.php?id=411"
              },
              {
                "name": "oval:org.mitre.oval:def:9454",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9454"
              },
              {
                "name": "GLSA-200609-07",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "http://security.gentoo.org/glsa/glsa-200609-07.xml"
              },
              {
                "name": "102780",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUNALERT",
                  "x_transferred"
                ],
                "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102780-1"
              },
              {
                "name": "24636",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/24636"
              },
              {
                "name": "ADV-2007-0322",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/0322"
              },
              {
                "name": "21890",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/21890"
              },
              {
                "name": "19974",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/19974"
              },
              {
                "name": "1016828",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1016828"
              },
              {
                "name": "ADV-2006-3581",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/3581"
              },
              {
                "name": "21924",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/21924"
              },
              {
                "name": "ADV-2006-3582",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/3582"
              },
              {
                "name": "23899",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/23899"
              },
              {
                "name": "xorg-server-scancidfont-overflow(28890)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28890"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-09-12T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Integer overflow in the scan_cidfont function in X.Org 6.8.2 and XFree86 X server allows local users to execute arbitrary code via crafted (1) CMap and (2) CIDFont font data with modified item counts in the (a) begincodespacerange, (b) cidrange, and (c) notdefrange sections."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-17T20:57:01.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "23907",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/23907"
            },
            {
              "name": "RHSA-2006:0666",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2006-0666.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-191.htm"
            },
            {
              "name": "21900",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/21900"
            },
            {
              "name": "MDKSA-2006:164",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRIVA"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:164"
            },
            {
              "name": "21904",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/21904"
            },
            {
              "name": "SUSE-SR:2006:023",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://www.novell.com/linux/security/advisories/2006_23_sr.html"
            },
            {
              "name": "21864",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/21864"
            },
            {
              "name": "21894",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/21894"
            },
            {
              "name": "USN-344-1",
              "tags": [
                "vendor-advisory",
                "x_refsource_UBUNTU"
              ],
              "url": "http://www.ubuntu.com/usn/usn-344-1"
            },
            {
              "name": "21889",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/21889"
            },
            {
              "name": "21908",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/21908"
            },
            {
              "name": "RHSA-2006:0665",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2006-0665.html"
            },
            {
              "name": "22141",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/22141"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-190.htm"
            },
            {
              "name": "ADV-2007-1171",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/1171"
            },
            {
              "name": "DSA-1193",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2006/dsa-1193"
            },
            {
              "name": "22080",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/22080"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://issues.rpath.com/browse/RPL-614"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.vmware.com/support/esx25/doc/esx-254-200702-patch.html"
            },
            {
              "name": "22332",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/22332"
            },
            {
              "name": "22560",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/22560"
            },
            {
              "name": "20070330 VMSA-2007-0002 VMware ESX security updates",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/464268/100/0/threaded"
            },
            {
              "name": "23033",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/23033"
            },
            {
              "name": "20060912 rPSA-2006-0167-1 xorg-x11 xorg-x11-fonts xorg-x11-tools xorg-x11-xfs",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/445812/100/0/threaded"
            },
            {
              "name": "20060912 Multiple Vendor X Server CID-keyed Fonts \u0027scan_cidfont()\u0027 Integer Overflow Vulnerability",
              "tags": [
                "third-party-advisory",
                "x_refsource_IDEFENSE"
              ],
              "url": "http://www.idefense.com/intelligence/vulnerabilities/display.php?id=411"
            },
            {
              "name": "oval:org.mitre.oval:def:9454",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9454"
            },
            {
              "name": "GLSA-200609-07",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "http://security.gentoo.org/glsa/glsa-200609-07.xml"
            },
            {
              "name": "102780",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUNALERT"
              ],
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102780-1"
            },
            {
              "name": "24636",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/24636"
            },
            {
              "name": "ADV-2007-0322",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/0322"
            },
            {
              "name": "21890",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/21890"
            },
            {
              "name": "19974",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/19974"
            },
            {
              "name": "1016828",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1016828"
            },
            {
              "name": "ADV-2006-3581",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/3581"
            },
            {
              "name": "21924",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/21924"
            },
            {
              "name": "ADV-2006-3582",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/3582"
            },
            {
              "name": "23899",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/23899"
            },
            {
              "name": "xorg-server-scancidfont-overflow(28890)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28890"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2006-3740",
        "datePublished": "2006-09-13T01:00:00.000Z",
        "dateReserved": "2006-07-20T00:00:00.000Z",
        "dateUpdated": "2024-08-07T18:39:54.017Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-3739 (GCVE-0-2006-3739)

    Vulnerability from nvd – Published: 2006-09-13 01:00 – Updated: 2024-08-07 18:39
    VLAI
    Summary
    Integer overflow in the CIDAFM function in X.Org 6.8.2 and XFree86 X server allows local users to execute arbitrary code via crafted Adobe Font Metrics (AFM) files with a modified number of character metrics (StartCharMetrics), which leads to a heap-based buffer overflow.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.redhat.com/support/errata/RHSA-2006-06… vendor-advisoryx_refsource_REDHAT
    http://support.avaya.com/elmodocs2/security/ASA-2… x_refsource_CONFIRM
    http://secunia.com/advisories/21900 third-party-advisoryx_refsource_SECUNIA
    http://www.mandriva.com/security/advisories?name=… vendor-advisoryx_refsource_MANDRIVA
    http://secunia.com/advisories/21904 third-party-advisoryx_refsource_SECUNIA
    http://www.novell.com/linux/security/advisories/2… vendor-advisoryx_refsource_SUSE
    http://secunia.com/advisories/21864 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/21894 third-party-advisoryx_refsource_SECUNIA
    http://www.ubuntu.com/usn/usn-344-1 vendor-advisoryx_refsource_UBUNTU
    http://secunia.com/advisories/21889 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/21908 third-party-advisoryx_refsource_SECUNIA
    http://sunsolve.sun.com/search/document.do?assetk… vendor-advisoryx_refsource_SUNALERT
    http://www.redhat.com/support/errata/RHSA-2006-06… vendor-advisoryx_refsource_REDHAT
    http://secunia.com/advisories/22141 third-party-advisoryx_refsource_SECUNIA
    http://support.avaya.com/elmodocs2/security/ASA-2… x_refsource_CONFIRM
    http://www.vupen.com/english/advisories/2007/1171 vdb-entryx_refsource_VUPEN
    http://www.debian.org/security/2006/dsa-1193 vendor-advisoryx_refsource_DEBIAN
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://secunia.com/advisories/22080 third-party-advisoryx_refsource_SECUNIA
    https://issues.rpath.com/browse/RPL-614 x_refsource_CONFIRM
    http://www.vmware.com/support/esx25/doc/esx-254-2… x_refsource_CONFIRM
    http://secunia.com/advisories/22332 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/22560 third-party-advisoryx_refsource_SECUNIA
    http://www.securityfocus.com/archive/1/464268/100… mailing-listx_refsource_BUGTRAQ
    http://secunia.com/advisories/23033 third-party-advisoryx_refsource_SECUNIA
    http://www.securityfocus.com/archive/1/445812/100… mailing-listx_refsource_BUGTRAQ
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    http://security.gentoo.org/glsa/glsa-200609-07.xml vendor-advisoryx_refsource_GENTOO
    http://sunsolve.sun.com/search/document.do?assetk… vendor-advisoryx_refsource_SUNALERT
    http://www.idefense.com/intelligence/vulnerabilit… third-party-advisoryx_refsource_IDEFENSE
    http://secunia.com/advisories/24636 third-party-advisoryx_refsource_SECUNIA
    http://www.vupen.com/english/advisories/2007/0322 vdb-entryx_refsource_VUPEN
    http://secunia.com/advisories/21890 third-party-advisoryx_refsource_SECUNIA
    http://www.securityfocus.com/bid/19974 vdb-entryx_refsource_BID
    http://securitytracker.com/id?1016828 vdb-entryx_refsource_SECTRACK
    http://www.vupen.com/english/advisories/2006/3581 vdb-entryx_refsource_VUPEN
    http://secunia.com/advisories/21924 third-party-advisoryx_refsource_SECUNIA
    http://www.vupen.com/english/advisories/2006/3582 vdb-entryx_refsource_VUPEN
    http://secunia.com/advisories/23899 third-party-advisoryx_refsource_SECUNIA
    Date Public
    2006-09-12 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T18:39:54.038Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "RHSA-2006:0666",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2006-0666.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-191.htm"
              },
              {
                "name": "21900",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/21900"
              },
              {
                "name": "MDKSA-2006:164",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRIVA",
                  "x_transferred"
                ],
                "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:164"
              },
              {
                "name": "21904",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/21904"
              },
              {
                "name": "SUSE-SR:2006:023",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://www.novell.com/linux/security/advisories/2006_23_sr.html"
              },
              {
                "name": "21864",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/21864"
              },
              {
                "name": "21894",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/21894"
              },
              {
                "name": "USN-344-1",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
                  "x_transferred"
                ],
                "url": "http://www.ubuntu.com/usn/usn-344-1"
              },
              {
                "name": "21889",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/21889"
              },
              {
                "name": "21908",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/21908"
              },
              {
                "name": "102714",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUNALERT",
                  "x_transferred"
                ],
                "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102714-1"
              },
              {
                "name": "RHSA-2006:0665",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2006-0665.html"
              },
              {
                "name": "22141",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/22141"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-190.htm"
              },
              {
                "name": "ADV-2007-1171",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/1171"
              },
              {
                "name": "DSA-1193",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2006/dsa-1193"
              },
              {
                "name": "xorg-server-cidafm-overflow(28899)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28899"
              },
              {
                "name": "22080",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/22080"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://issues.rpath.com/browse/RPL-614"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.vmware.com/support/esx25/doc/esx-254-200702-patch.html"
              },
              {
                "name": "22332",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/22332"
              },
              {
                "name": "22560",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/22560"
              },
              {
                "name": "20070330 VMSA-2007-0002 VMware ESX security updates",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/464268/100/0/threaded"
              },
              {
                "name": "23033",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/23033"
              },
              {
                "name": "20060912 rPSA-2006-0167-1 xorg-x11 xorg-x11-fonts xorg-x11-tools xorg-x11-xfs",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/445812/100/0/threaded"
              },
              {
                "name": "oval:org.mitre.oval:def:10305",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10305"
              },
              {
                "name": "GLSA-200609-07",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "http://security.gentoo.org/glsa/glsa-200609-07.xml"
              },
              {
                "name": "102780",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUNALERT",
                  "x_transferred"
                ],
                "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102780-1"
              },
              {
                "name": "20060912 Multiple Vendor X Server CID-keyed Fonts \u0027CIDAFM()\u0027 Integer Overflow Vulnerability",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_IDEFENSE",
                  "x_transferred"
                ],
                "url": "http://www.idefense.com/intelligence/vulnerabilities/display.php?id=412"
              },
              {
                "name": "24636",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/24636"
              },
              {
                "name": "ADV-2007-0322",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/0322"
              },
              {
                "name": "21890",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/21890"
              },
              {
                "name": "19974",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/19974"
              },
              {
                "name": "1016828",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1016828"
              },
              {
                "name": "ADV-2006-3581",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/3581"
              },
              {
                "name": "21924",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/21924"
              },
              {
                "name": "ADV-2006-3582",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/3582"
              },
              {
                "name": "23899",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/23899"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-09-12T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Integer overflow in the CIDAFM function in X.Org 6.8.2 and XFree86 X server allows local users to execute arbitrary code via crafted Adobe Font Metrics (AFM) files with a modified number of character metrics (StartCharMetrics), which leads to a heap-based buffer overflow."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-17T20:57:01.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "RHSA-2006:0666",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2006-0666.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-191.htm"
            },
            {
              "name": "21900",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/21900"
            },
            {
              "name": "MDKSA-2006:164",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRIVA"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:164"
            },
            {
              "name": "21904",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/21904"
            },
            {
              "name": "SUSE-SR:2006:023",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://www.novell.com/linux/security/advisories/2006_23_sr.html"
            },
            {
              "name": "21864",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/21864"
            },
            {
              "name": "21894",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/21894"
            },
            {
              "name": "USN-344-1",
              "tags": [
                "vendor-advisory",
                "x_refsource_UBUNTU"
              ],
              "url": "http://www.ubuntu.com/usn/usn-344-1"
            },
            {
              "name": "21889",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/21889"
            },
            {
              "name": "21908",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/21908"
            },
            {
              "name": "102714",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUNALERT"
              ],
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102714-1"
            },
            {
              "name": "RHSA-2006:0665",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2006-0665.html"
            },
            {
              "name": "22141",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/22141"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-190.htm"
            },
            {
              "name": "ADV-2007-1171",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/1171"
            },
            {
              "name": "DSA-1193",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2006/dsa-1193"
            },
            {
              "name": "xorg-server-cidafm-overflow(28899)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28899"
            },
            {
              "name": "22080",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/22080"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://issues.rpath.com/browse/RPL-614"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.vmware.com/support/esx25/doc/esx-254-200702-patch.html"
            },
            {
              "name": "22332",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/22332"
            },
            {
              "name": "22560",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/22560"
            },
            {
              "name": "20070330 VMSA-2007-0002 VMware ESX security updates",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/464268/100/0/threaded"
            },
            {
              "name": "23033",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/23033"
            },
            {
              "name": "20060912 rPSA-2006-0167-1 xorg-x11 xorg-x11-fonts xorg-x11-tools xorg-x11-xfs",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/445812/100/0/threaded"
            },
            {
              "name": "oval:org.mitre.oval:def:10305",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10305"
            },
            {
              "name": "GLSA-200609-07",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "http://security.gentoo.org/glsa/glsa-200609-07.xml"
            },
            {
              "name": "102780",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUNALERT"
              ],
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102780-1"
            },
            {
              "name": "20060912 Multiple Vendor X Server CID-keyed Fonts \u0027CIDAFM()\u0027 Integer Overflow Vulnerability",
              "tags": [
                "third-party-advisory",
                "x_refsource_IDEFENSE"
              ],
              "url": "http://www.idefense.com/intelligence/vulnerabilities/display.php?id=412"
            },
            {
              "name": "24636",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/24636"
            },
            {
              "name": "ADV-2007-0322",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/0322"
            },
            {
              "name": "21890",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/21890"
            },
            {
              "name": "19974",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/19974"
            },
            {
              "name": "1016828",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1016828"
            },
            {
              "name": "ADV-2006-3581",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/3581"
            },
            {
              "name": "21924",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/21924"
            },
            {
              "name": "ADV-2006-3582",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/3582"
            },
            {
              "name": "23899",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/23899"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2006-3739",
        "datePublished": "2006-09-13T01:00:00.000Z",
        "dateReserved": "2006-07-20T00:00:00.000Z",
        "dateUpdated": "2024-08-07T18:39:54.038Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-0197 (GCVE-0-2006-0197)

    Vulnerability from nvd – Published: 2006-01-13 23:00 – Updated: 2024-08-07 16:25
    VLAI
    Summary
    The XClientMessageEvent struct used in certain components of X.Org 6.8.2 and earlier, possibly including (1) the X server and (2) Xlib, uses a "long" specifier for elements of the l array, which results in inconsistent sizes in the struct on 32-bit versus 64-bit platforms, and might allow attackers to cause a denial of service (application crash) and possibly conduct other attacks.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/archive/1/421256/100… mailing-listx_refsource_BUGTRAQ
    Date Public
    2006-01-08 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T16:25:33.986Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20060108 xorg server 6.8.2 and below on 64bit arch",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/421256/100/0/threaded"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-01-08T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The XClientMessageEvent struct used in certain components of X.Org 6.8.2 and earlier, possibly including (1) the X server and (2) Xlib, uses a \"long\" specifier for elements of the l array, which results in inconsistent sizes in the struct on 32-bit versus 64-bit platforms, and might allow attackers to cause a denial of service (application crash) and possibly conduct other attacks."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-19T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "20060108 xorg server 6.8.2 and below on 64bit arch",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/421256/100/0/threaded"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-0197",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The XClientMessageEvent struct used in certain components of X.Org 6.8.2 and earlier, possibly including (1) the X server and (2) Xlib, uses a \"long\" specifier for elements of the l array, which results in inconsistent sizes in the struct on 32-bit versus 64-bit platforms, and might allow attackers to cause a denial of service (application crash) and possibly conduct other attacks."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20060108 xorg server 6.8.2 and below on 64bit arch",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/421256/100/0/threaded"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-0197",
        "datePublished": "2006-01-13T23:00:00.000Z",
        "dateReserved": "2006-01-13T00:00:00.000Z",
        "dateUpdated": "2024-08-07T16:25:33.986Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2010-4818 (GCVE-0-2010-4818)

    Vulnerability from cvelistv5 – Published: 2012-09-05 23:00 – Updated: 2024-08-07 04:02
    VLAI
    Summary
    The GLX extension in X.Org xserver 1.7.7 allows remote authenticated users to cause a denial of service (server crash) and possibly execute arbitrary code via (1) a crafted request that triggers a client swap in glx/glxcmdsswap.c; or (2) a crafted length or (3) a negative value in the screen field in a request to glx/glxcmds.c.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T04:02:29.487Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugs.freedesktop.org/show_bug.cgi?id=28823"
              },
              {
                "name": "[oss-security] 20110923 Re: CVE Request: Missing input sanitation in various X GLX calls",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2011/09/23/6"
              },
              {
                "name": "RHSA-2011:1359",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://rhn.redhat.com/errata/RHSA-2011-1359.html"
              },
              {
                "name": "RHSA-2011:1360",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://rhn.redhat.com/errata/RHSA-2011-1360.html"
              },
              {
                "name": "[oss-security] 20110923 Re: CVE Request: Missing input sanitation in various X GLX calls",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2011/09/23/4"
              },
              {
                "name": "[oss-security] 20110922 CVE Request: Missing input sanitation in various X GLX calls",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2011/09/22/7"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://cgit.freedesktop.org/xorg/xserver/commit?id=3f0d3f4d97bce75c1828635c322b6560a45a037f"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=740954"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://cgit.freedesktop.org/xorg/xserver/commit?id=ec9c97c6bf70b523bc500bd3adf62176f1bb33a4"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://cgit.freedesktop.org/xorg/xserver/commit?id=6c69235a9dfc52e4b4e47630ff4bab1a820eb543"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The GLX extension in X.Org xserver 1.7.7 allows remote authenticated users to cause a denial of service (server crash) and possibly execute arbitrary code via (1) a crafted request that triggers a client swap in glx/glxcmdsswap.c; or (2) a crafted length or (3) a negative value in the screen field in a request to glx/glxcmds.c."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2012-09-05T23:00:00.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugs.freedesktop.org/show_bug.cgi?id=28823"
            },
            {
              "name": "[oss-security] 20110923 Re: CVE Request: Missing input sanitation in various X GLX calls",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2011/09/23/6"
            },
            {
              "name": "RHSA-2011:1359",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://rhn.redhat.com/errata/RHSA-2011-1359.html"
            },
            {
              "name": "RHSA-2011:1360",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://rhn.redhat.com/errata/RHSA-2011-1360.html"
            },
            {
              "name": "[oss-security] 20110923 Re: CVE Request: Missing input sanitation in various X GLX calls",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2011/09/23/4"
            },
            {
              "name": "[oss-security] 20110922 CVE Request: Missing input sanitation in various X GLX calls",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2011/09/22/7"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://cgit.freedesktop.org/xorg/xserver/commit?id=3f0d3f4d97bce75c1828635c322b6560a45a037f"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=740954"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://cgit.freedesktop.org/xorg/xserver/commit?id=ec9c97c6bf70b523bc500bd3adf62176f1bb33a4"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://cgit.freedesktop.org/xorg/xserver/commit?id=6c69235a9dfc52e4b4e47630ff4bab1a820eb543"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2010-4818",
        "datePublished": "2012-09-05T23:00:00.000Z",
        "dateReserved": "2011-08-19T00:00:00.000Z",
        "dateUpdated": "2024-08-07T04:02:29.487Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-6103 (GCVE-0-2006-6103)

    Vulnerability from cvelistv5 – Published: 2007-01-09 23:00 – Updated: 2024-08-07 20:12
    VLAI
    Summary
    Integer overflow in the ProcDbeSwapBuffers function in the DBE extension for X.Org 6.8.2, 6.9.0, 7.0, and 7.1, and XFree86 X server, allows local users to execute arbitrary code via a crafted X protocol request that triggers memory corruption during processing of unspecified data structures.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.vupen.com/english/advisories/2007/0108 vdb-entryx_refsource_VUPEN
    http://www.vupen.com/english/advisories/2007/0669 vdb-entryx_refsource_VUPEN
    http://www.novell.com/linux/security/advisories/2… vendor-advisoryx_refsource_SUSE
    http://labs.idefense.com/intelligence/vulnerabili… third-party-advisoryx_refsource_IDEFENSE
    http://www.securityfocus.com/bid/21968 vdb-entryx_refsource_BID
    http://secunia.com/advisories/23789 third-party-advisoryx_refsource_SECUNIA
    http://h20000.www2.hp.com/bizsupport/TechSupport/… vendor-advisoryx_refsource_HP
    http://secunia.com/advisories/24168 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/23633 third-party-advisoryx_refsource_SECUNIA
    http://support.avaya.com/elmodocs2/security/ASA-2… x_refsource_CONFIRM
    http://secunia.com/advisories/23670 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/24401 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/23684 third-party-advisoryx_refsource_SECUNIA
    http://www.redhat.com/support/errata/RHSA-2007-00… vendor-advisoryx_refsource_REDHAT
    http://www.vupen.com/english/advisories/2007/0589 vdb-entryx_refsource_VUPEN
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    https://issues.rpath.com/browse/RPL-920 x_refsource_CONFIRM
    http://www.vupen.com/english/advisories/2007/0109 vdb-entryx_refsource_VUPEN
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    http://secunia.com/advisories/23966 third-party-advisoryx_refsource_SECUNIA
    http://security.gentoo.org/glsa/glsa-200701-25.xml vendor-advisoryx_refsource_GENTOO
    http://support.avaya.com/elmodocs2/security/ASA-2… x_refsource_CONFIRM
    http://secunia.com/advisories/23698 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/25802 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/23758 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/23705 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/23689 third-party-advisoryx_refsource_SECUNIA
    http://sunsolve.sun.com/search/document.do?assetk… vendor-advisoryx_refsource_SUNALERT
    http://securitytracker.com/id?1017495 vdb-entryx_refsource_SECTRACK
    http://secunia.com/advisories/24210 third-party-advisoryx_refsource_SECUNIA
    http://slackware.com/security/viewer.php?l=slackw… vendor-advisoryx_refsource_SLACKWARE
    http://www.redhat.com/support/errata/RHSA-2007-00… vendor-advisoryx_refsource_REDHAT
    http://ftp.netbsd.org/pub/NetBSD/security/advisor… vendor-advisoryx_refsource_NETBSD
    http://www.mandriva.com/security/advisories?name=… vendor-advisoryx_refsource_MANDRIVA
    https://www.debian.org/security/2007/dsa-1249 vendor-advisoryx_refsource_DEBIAN
    http://secunia.com/advisories/24247 third-party-advisoryx_refsource_SECUNIA
    http://lists.freedesktop.org/archives/xorg-announ… mailing-listx_refsource_MLIST
    http://www.ubuntu.com/usn/usn-403-1 vendor-advisoryx_refsource_UBUNTU
    http://www.vupen.com/english/advisories/2007/2233 vdb-entryx_refsource_VUPEN
    http://osvdb.org/32086 vdb-entryx_refsource_OSVDB
    Date Public
    2007-01-09 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T20:12:31.759Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "ADV-2007-0108",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/0108"
              },
              {
                "name": "ADV-2007-0669",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/0669"
              },
              {
                "name": "SUSE-SA:2007:008",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://www.novell.com/linux/security/advisories/2007_08_x.html"
              },
              {
                "name": "20070109 Multiple Vendor X Server DBE Extension ProcDbeSwapBuffers Memory Corruption Vulnerability",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_IDEFENSE",
                  "x_transferred"
                ],
                "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=465"
              },
              {
                "name": "21968",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/21968"
              },
              {
                "name": "23789",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/23789"
              },
              {
                "name": "HPSBUX02225",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_HP",
                  "x_transferred"
                ],
                "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c01075678"
              },
              {
                "name": "24168",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/24168"
              },
              {
                "name": "23633",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/23633"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-074.htm"
              },
              {
                "name": "23670",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/23670"
              },
              {
                "name": "24401",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/24401"
              },
              {
                "name": "23684",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/23684"
              },
              {
                "name": "RHSA-2007:0002",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2007-0002.html"
              },
              {
                "name": "ADV-2007-0589",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/0589"
              },
              {
                "name": "xorg-xserver-dbe-swap-overflow(31379)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31379"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://issues.rpath.com/browse/RPL-920"
              },
              {
                "name": "ADV-2007-0109",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/0109"
              },
              {
                "name": "oval:org.mitre.oval:def:11011",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11011"
              },
              {
                "name": "23966",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/23966"
              },
              {
                "name": "GLSA-200701-25",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "http://security.gentoo.org/glsa/glsa-200701-25.xml"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-066.htm"
              },
              {
                "name": "SSRT071295",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_HP",
                  "x_transferred"
                ],
                "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c01075678"
              },
              {
                "name": "23698",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/23698"
              },
              {
                "name": "25802",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/25802"
              },
              {
                "name": "23758",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/23758"
              },
              {
                "name": "23705",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/23705"
              },
              {
                "name": "23689",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/23689"
              },
              {
                "name": "102803",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUNALERT",
                  "x_transferred"
                ],
                "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102803-1"
              },
              {
                "name": "1017495",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1017495"
              },
              {
                "name": "24210",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/24210"
              },
              {
                "name": "SSA:2007-066-02",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SLACKWARE",
                  "x_transferred"
                ],
                "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.393555"
              },
              {
                "name": "RHSA-2007:0003",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2007-0003.html"
              },
              {
                "name": "NetBSD-SA2007-002",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_NETBSD",
                  "x_transferred"
                ],
                "url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2007-002.txt.asc"
              },
              {
                "name": "MDKSA-2007:005",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRIVA",
                  "x_transferred"
                ],
                "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:005"
              },
              {
                "name": "DSA-1249",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "https://www.debian.org/security/2007/dsa-1249"
              },
              {
                "name": "24247",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/24247"
              },
              {
                "name": "[x-org announce] 20070109 X.Org Security Advisory: multiple integer overflows in dbe and render extensions",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://lists.freedesktop.org/archives/xorg-announce/2007-January/000235.html"
              },
              {
                "name": "USN-403-1",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
                  "x_transferred"
                ],
                "url": "http://www.ubuntu.com/usn/usn-403-1"
              },
              {
                "name": "ADV-2007-2233",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/2233"
              },
              {
                "name": "32086",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/32086"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-01-09T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Integer overflow in the ProcDbeSwapBuffers function in the DBE extension for X.Org 6.8.2, 6.9.0, 7.0, and 7.1, and XFree86 X server, allows local users to execute arbitrary code via a crafted X protocol request that triggers memory corruption during processing of unspecified data structures."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-10-10T00:57:01.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "ADV-2007-0108",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/0108"
            },
            {
              "name": "ADV-2007-0669",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/0669"
            },
            {
              "name": "SUSE-SA:2007:008",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://www.novell.com/linux/security/advisories/2007_08_x.html"
            },
            {
              "name": "20070109 Multiple Vendor X Server DBE Extension ProcDbeSwapBuffers Memory Corruption Vulnerability",
              "tags": [
                "third-party-advisory",
                "x_refsource_IDEFENSE"
              ],
              "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=465"
            },
            {
              "name": "21968",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/21968"
            },
            {
              "name": "23789",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/23789"
            },
            {
              "name": "HPSBUX02225",
              "tags": [
                "vendor-advisory",
                "x_refsource_HP"
              ],
              "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c01075678"
            },
            {
              "name": "24168",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/24168"
            },
            {
              "name": "23633",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/23633"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-074.htm"
            },
            {
              "name": "23670",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/23670"
            },
            {
              "name": "24401",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/24401"
            },
            {
              "name": "23684",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/23684"
            },
            {
              "name": "RHSA-2007:0002",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2007-0002.html"
            },
            {
              "name": "ADV-2007-0589",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/0589"
            },
            {
              "name": "xorg-xserver-dbe-swap-overflow(31379)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31379"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://issues.rpath.com/browse/RPL-920"
            },
            {
              "name": "ADV-2007-0109",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/0109"
            },
            {
              "name": "oval:org.mitre.oval:def:11011",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11011"
            },
            {
              "name": "23966",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/23966"
            },
            {
              "name": "GLSA-200701-25",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "http://security.gentoo.org/glsa/glsa-200701-25.xml"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-066.htm"
            },
            {
              "name": "SSRT071295",
              "tags": [
                "vendor-advisory",
                "x_refsource_HP"
              ],
              "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c01075678"
            },
            {
              "name": "23698",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/23698"
            },
            {
              "name": "25802",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/25802"
            },
            {
              "name": "23758",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/23758"
            },
            {
              "name": "23705",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/23705"
            },
            {
              "name": "23689",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/23689"
            },
            {
              "name": "102803",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUNALERT"
              ],
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102803-1"
            },
            {
              "name": "1017495",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1017495"
            },
            {
              "name": "24210",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/24210"
            },
            {
              "name": "SSA:2007-066-02",
              "tags": [
                "vendor-advisory",
                "x_refsource_SLACKWARE"
              ],
              "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.393555"
            },
            {
              "name": "RHSA-2007:0003",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2007-0003.html"
            },
            {
              "name": "NetBSD-SA2007-002",
              "tags": [
                "vendor-advisory",
                "x_refsource_NETBSD"
              ],
              "url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2007-002.txt.asc"
            },
            {
              "name": "MDKSA-2007:005",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRIVA"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:005"
            },
            {
              "name": "DSA-1249",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "https://www.debian.org/security/2007/dsa-1249"
            },
            {
              "name": "24247",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/24247"
            },
            {
              "name": "[x-org announce] 20070109 X.Org Security Advisory: multiple integer overflows in dbe and render extensions",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://lists.freedesktop.org/archives/xorg-announce/2007-January/000235.html"
            },
            {
              "name": "USN-403-1",
              "tags": [
                "vendor-advisory",
                "x_refsource_UBUNTU"
              ],
              "url": "http://www.ubuntu.com/usn/usn-403-1"
            },
            {
              "name": "ADV-2007-2233",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/2233"
            },
            {
              "name": "32086",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/32086"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2006-6103",
        "datePublished": "2007-01-09T23:00:00.000Z",
        "dateReserved": "2006-11-24T00:00:00.000Z",
        "dateUpdated": "2024-08-07T20:12:31.759Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-6101 (GCVE-0-2006-6101)

    Vulnerability from cvelistv5 – Published: 2007-01-09 23:00 – Updated: 2024-08-07 20:12
    VLAI
    Summary
    Integer overflow in the ProcRenderAddGlyphs function in the Render extension for X.Org 6.8.2, 6.9.0, 7.0, and 7.1, and XFree86 X server, allows local users to execute arbitrary code via a crafted X protocol request that triggers memory corruption during processing of glyph management data structures.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.vupen.com/english/advisories/2007/0108 vdb-entryx_refsource_VUPEN
    http://www.vupen.com/english/advisories/2007/0669 vdb-entryx_refsource_VUPEN
    http://www.novell.com/linux/security/advisories/2… vendor-advisoryx_refsource_SUSE
    http://www.securityfocus.com/bid/21968 vdb-entryx_refsource_BID
    http://secunia.com/advisories/23789 third-party-advisoryx_refsource_SECUNIA
    http://h20000.www2.hp.com/bizsupport/TechSupport/… vendor-advisoryx_refsource_HP
    http://secunia.com/advisories/24168 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/23633 third-party-advisoryx_refsource_SECUNIA
    http://support.avaya.com/elmodocs2/security/ASA-2… x_refsource_CONFIRM
    http://secunia.com/advisories/23670 third-party-advisoryx_refsource_SECUNIA
    http://osvdb.org/32084 vdb-entryx_refsource_OSVDB
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://secunia.com/advisories/24401 third-party-advisoryx_refsource_SECUNIA
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    http://secunia.com/advisories/23684 third-party-advisoryx_refsource_SECUNIA
    http://www.redhat.com/support/errata/RHSA-2007-00… vendor-advisoryx_refsource_REDHAT
    http://www.vupen.com/english/advisories/2007/0589 vdb-entryx_refsource_VUPEN
    https://issues.rpath.com/browse/RPL-920 x_refsource_CONFIRM
    http://labs.idefense.com/intelligence/vulnerabili… third-party-advisoryx_refsource_IDEFENSE
    http://www.vupen.com/english/advisories/2007/0109 vdb-entryx_refsource_VUPEN
    http://secunia.com/advisories/23966 third-party-advisoryx_refsource_SECUNIA
    http://security.gentoo.org/glsa/glsa-200701-25.xml vendor-advisoryx_refsource_GENTOO
    http://support.avaya.com/elmodocs2/security/ASA-2… x_refsource_CONFIRM
    http://secunia.com/advisories/23698 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/25802 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/23758 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/23705 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/23689 third-party-advisoryx_refsource_SECUNIA
    http://sunsolve.sun.com/search/document.do?assetk… vendor-advisoryx_refsource_SUNALERT
    http://securitytracker.com/id?1017495 vdb-entryx_refsource_SECTRACK
    http://secunia.com/advisories/24210 third-party-advisoryx_refsource_SECUNIA
    http://slackware.com/security/viewer.php?l=slackw… vendor-advisoryx_refsource_SLACKWARE
    http://www.redhat.com/support/errata/RHSA-2007-00… vendor-advisoryx_refsource_REDHAT
    http://ftp.netbsd.org/pub/NetBSD/security/advisor… vendor-advisoryx_refsource_NETBSD
    http://www.mandriva.com/security/advisories?name=… vendor-advisoryx_refsource_MANDRIVA
    https://www.debian.org/security/2007/dsa-1249 vendor-advisoryx_refsource_DEBIAN
    http://secunia.com/advisories/24247 third-party-advisoryx_refsource_SECUNIA
    http://lists.freedesktop.org/archives/xorg-announ… mailing-listx_refsource_MLIST
    http://www.ubuntu.com/usn/usn-403-1 vendor-advisoryx_refsource_UBUNTU
    http://www.vupen.com/english/advisories/2007/2233 vdb-entryx_refsource_VUPEN
    Date Public
    2007-01-09 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T20:12:31.636Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "ADV-2007-0108",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/0108"
              },
              {
                "name": "ADV-2007-0669",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/0669"
              },
              {
                "name": "SUSE-SA:2007:008",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://www.novell.com/linux/security/advisories/2007_08_x.html"
              },
              {
                "name": "21968",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/21968"
              },
              {
                "name": "23789",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/23789"
              },
              {
                "name": "HPSBUX02225",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_HP",
                  "x_transferred"
                ],
                "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c01075678"
              },
              {
                "name": "24168",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/24168"
              },
              {
                "name": "23633",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/23633"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-074.htm"
              },
              {
                "name": "23670",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/23670"
              },
              {
                "name": "32084",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/32084"
              },
              {
                "name": "xorg-xserver-render-overflow(31337)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31337"
              },
              {
                "name": "24401",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/24401"
              },
              {
                "name": "oval:org.mitre.oval:def:10490",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10490"
              },
              {
                "name": "23684",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/23684"
              },
              {
                "name": "RHSA-2007:0002",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2007-0002.html"
              },
              {
                "name": "ADV-2007-0589",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/0589"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://issues.rpath.com/browse/RPL-920"
              },
              {
                "name": "20070109 Multiple Vendor X Server Render Extension ProcRenderAddGlyphs Memory Corruption Vulnerability",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_IDEFENSE",
                  "x_transferred"
                ],
                "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=463"
              },
              {
                "name": "ADV-2007-0109",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/0109"
              },
              {
                "name": "23966",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/23966"
              },
              {
                "name": "GLSA-200701-25",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "http://security.gentoo.org/glsa/glsa-200701-25.xml"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-066.htm"
              },
              {
                "name": "SSRT071295",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_HP",
                  "x_transferred"
                ],
                "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c01075678"
              },
              {
                "name": "23698",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/23698"
              },
              {
                "name": "25802",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/25802"
              },
              {
                "name": "23758",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/23758"
              },
              {
                "name": "23705",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/23705"
              },
              {
                "name": "23689",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/23689"
              },
              {
                "name": "102803",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUNALERT",
                  "x_transferred"
                ],
                "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102803-1"
              },
              {
                "name": "1017495",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1017495"
              },
              {
                "name": "24210",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/24210"
              },
              {
                "name": "SSA:2007-066-02",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SLACKWARE",
                  "x_transferred"
                ],
                "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.393555"
              },
              {
                "name": "RHSA-2007:0003",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2007-0003.html"
              },
              {
                "name": "NetBSD-SA2007-002",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_NETBSD",
                  "x_transferred"
                ],
                "url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2007-002.txt.asc"
              },
              {
                "name": "MDKSA-2007:005",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRIVA",
                  "x_transferred"
                ],
                "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:005"
              },
              {
                "name": "DSA-1249",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "https://www.debian.org/security/2007/dsa-1249"
              },
              {
                "name": "24247",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/24247"
              },
              {
                "name": "[x-org announce] 20070109 X.Org Security Advisory: multiple integer overflows in dbe and render extensions",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://lists.freedesktop.org/archives/xorg-announce/2007-January/000235.html"
              },
              {
                "name": "USN-403-1",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
                  "x_transferred"
                ],
                "url": "http://www.ubuntu.com/usn/usn-403-1"
              },
              {
                "name": "ADV-2007-2233",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/2233"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-01-09T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Integer overflow in the ProcRenderAddGlyphs function in the Render extension for X.Org 6.8.2, 6.9.0, 7.0, and 7.1, and XFree86 X server, allows local users to execute arbitrary code via a crafted X protocol request that triggers memory corruption during processing of glyph management data structures."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-10-10T00:57:01.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "ADV-2007-0108",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/0108"
            },
            {
              "name": "ADV-2007-0669",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/0669"
            },
            {
              "name": "SUSE-SA:2007:008",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://www.novell.com/linux/security/advisories/2007_08_x.html"
            },
            {
              "name": "21968",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/21968"
            },
            {
              "name": "23789",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/23789"
            },
            {
              "name": "HPSBUX02225",
              "tags": [
                "vendor-advisory",
                "x_refsource_HP"
              ],
              "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c01075678"
            },
            {
              "name": "24168",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/24168"
            },
            {
              "name": "23633",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/23633"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-074.htm"
            },
            {
              "name": "23670",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/23670"
            },
            {
              "name": "32084",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/32084"
            },
            {
              "name": "xorg-xserver-render-overflow(31337)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31337"
            },
            {
              "name": "24401",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/24401"
            },
            {
              "name": "oval:org.mitre.oval:def:10490",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10490"
            },
            {
              "name": "23684",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/23684"
            },
            {
              "name": "RHSA-2007:0002",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2007-0002.html"
            },
            {
              "name": "ADV-2007-0589",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/0589"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://issues.rpath.com/browse/RPL-920"
            },
            {
              "name": "20070109 Multiple Vendor X Server Render Extension ProcRenderAddGlyphs Memory Corruption Vulnerability",
              "tags": [
                "third-party-advisory",
                "x_refsource_IDEFENSE"
              ],
              "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=463"
            },
            {
              "name": "ADV-2007-0109",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/0109"
            },
            {
              "name": "23966",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/23966"
            },
            {
              "name": "GLSA-200701-25",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "http://security.gentoo.org/glsa/glsa-200701-25.xml"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-066.htm"
            },
            {
              "name": "SSRT071295",
              "tags": [
                "vendor-advisory",
                "x_refsource_HP"
              ],
              "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c01075678"
            },
            {
              "name": "23698",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/23698"
            },
            {
              "name": "25802",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/25802"
            },
            {
              "name": "23758",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/23758"
            },
            {
              "name": "23705",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/23705"
            },
            {
              "name": "23689",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/23689"
            },
            {
              "name": "102803",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUNALERT"
              ],
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102803-1"
            },
            {
              "name": "1017495",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1017495"
            },
            {
              "name": "24210",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/24210"
            },
            {
              "name": "SSA:2007-066-02",
              "tags": [
                "vendor-advisory",
                "x_refsource_SLACKWARE"
              ],
              "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.393555"
            },
            {
              "name": "RHSA-2007:0003",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2007-0003.html"
            },
            {
              "name": "NetBSD-SA2007-002",
              "tags": [
                "vendor-advisory",
                "x_refsource_NETBSD"
              ],
              "url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2007-002.txt.asc"
            },
            {
              "name": "MDKSA-2007:005",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRIVA"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:005"
            },
            {
              "name": "DSA-1249",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "https://www.debian.org/security/2007/dsa-1249"
            },
            {
              "name": "24247",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/24247"
            },
            {
              "name": "[x-org announce] 20070109 X.Org Security Advisory: multiple integer overflows in dbe and render extensions",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://lists.freedesktop.org/archives/xorg-announce/2007-January/000235.html"
            },
            {
              "name": "USN-403-1",
              "tags": [
                "vendor-advisory",
                "x_refsource_UBUNTU"
              ],
              "url": "http://www.ubuntu.com/usn/usn-403-1"
            },
            {
              "name": "ADV-2007-2233",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/2233"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2006-6101",
        "datePublished": "2007-01-09T23:00:00.000Z",
        "dateReserved": "2006-11-24T00:00:00.000Z",
        "dateUpdated": "2024-08-07T20:12:31.636Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-6102 (GCVE-0-2006-6102)

    Vulnerability from cvelistv5 – Published: 2007-01-09 23:00 – Updated: 2024-08-07 20:12
    VLAI
    Summary
    Integer overflow in the ProcDbeGetVisualInfo function in the DBE extension for X.Org 6.8.2, 6.9.0, 7.0, and 7.1, and XFree86 X server, allows local users to execute arbitrary code via a crafted X protocol request that triggers memory corruption during processing of unspecified data structures.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.vupen.com/english/advisories/2007/0108 vdb-entryx_refsource_VUPEN
    http://www.vupen.com/english/advisories/2007/0669 vdb-entryx_refsource_VUPEN
    http://www.novell.com/linux/security/advisories/2… vendor-advisoryx_refsource_SUSE
    http://www.securityfocus.com/bid/21968 vdb-entryx_refsource_BID
    http://secunia.com/advisories/23789 third-party-advisoryx_refsource_SECUNIA
    http://h20000.www2.hp.com/bizsupport/TechSupport/… vendor-advisoryx_refsource_HP
    http://secunia.com/advisories/24168 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/23633 third-party-advisoryx_refsource_SECUNIA
    http://support.avaya.com/elmodocs2/security/ASA-2… x_refsource_CONFIRM
    http://secunia.com/advisories/23670 third-party-advisoryx_refsource_SECUNIA
    http://labs.idefense.com/intelligence/vulnerabili… third-party-advisoryx_refsource_IDEFENSE
    http://secunia.com/advisories/24401 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/23684 third-party-advisoryx_refsource_SECUNIA
    http://www.redhat.com/support/errata/RHSA-2007-00… vendor-advisoryx_refsource_REDHAT
    http://www.vupen.com/english/advisories/2007/0589 vdb-entryx_refsource_VUPEN
    https://issues.rpath.com/browse/RPL-920 x_refsource_CONFIRM
    http://www.vupen.com/english/advisories/2007/0109 vdb-entryx_refsource_VUPEN
    http://secunia.com/advisories/23966 third-party-advisoryx_refsource_SECUNIA
    http://security.gentoo.org/glsa/glsa-200701-25.xml vendor-advisoryx_refsource_GENTOO
    http://support.avaya.com/elmodocs2/security/ASA-2… x_refsource_CONFIRM
    http://secunia.com/advisories/23698 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/25802 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/23758 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/23705 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/23689 third-party-advisoryx_refsource_SECUNIA
    http://sunsolve.sun.com/search/document.do?assetk… vendor-advisoryx_refsource_SUNALERT
    http://securitytracker.com/id?1017495 vdb-entryx_refsource_SECTRACK
    http://secunia.com/advisories/24210 third-party-advisoryx_refsource_SECUNIA
    http://slackware.com/security/viewer.php?l=slackw… vendor-advisoryx_refsource_SLACKWARE
    http://www.redhat.com/support/errata/RHSA-2007-00… vendor-advisoryx_refsource_REDHAT
    http://ftp.netbsd.org/pub/NetBSD/security/advisor… vendor-advisoryx_refsource_NETBSD
    http://www.mandriva.com/security/advisories?name=… vendor-advisoryx_refsource_MANDRIVA
    https://www.debian.org/security/2007/dsa-1249 vendor-advisoryx_refsource_DEBIAN
    http://secunia.com/advisories/24247 third-party-advisoryx_refsource_SECUNIA
    http://lists.freedesktop.org/archives/xorg-announ… mailing-listx_refsource_MLIST
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    http://www.ubuntu.com/usn/usn-403-1 vendor-advisoryx_refsource_UBUNTU
    http://www.vupen.com/english/advisories/2007/2233 vdb-entryx_refsource_VUPEN
    http://osvdb.org/32085 vdb-entryx_refsource_OSVDB
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    Date Public
    2007-01-09 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T20:12:31.657Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "ADV-2007-0108",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/0108"
              },
              {
                "name": "ADV-2007-0669",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/0669"
              },
              {
                "name": "SUSE-SA:2007:008",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://www.novell.com/linux/security/advisories/2007_08_x.html"
              },
              {
                "name": "21968",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/21968"
              },
              {
                "name": "23789",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/23789"
              },
              {
                "name": "HPSBUX02225",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_HP",
                  "x_transferred"
                ],
                "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c01075678"
              },
              {
                "name": "24168",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/24168"
              },
              {
                "name": "23633",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/23633"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-074.htm"
              },
              {
                "name": "23670",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/23670"
              },
              {
                "name": "20070109 Multiple Vendor X Server DBE Extension ProcDbeGetVisualInfo Memory Corruption Vulnerability",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_IDEFENSE",
                  "x_transferred"
                ],
                "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=464"
              },
              {
                "name": "24401",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/24401"
              },
              {
                "name": "23684",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/23684"
              },
              {
                "name": "RHSA-2007:0002",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2007-0002.html"
              },
              {
                "name": "ADV-2007-0589",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/0589"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://issues.rpath.com/browse/RPL-920"
              },
              {
                "name": "ADV-2007-0109",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/0109"
              },
              {
                "name": "23966",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/23966"
              },
              {
                "name": "GLSA-200701-25",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "http://security.gentoo.org/glsa/glsa-200701-25.xml"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-066.htm"
              },
              {
                "name": "SSRT071295",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_HP",
                  "x_transferred"
                ],
                "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c01075678"
              },
              {
                "name": "23698",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/23698"
              },
              {
                "name": "25802",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/25802"
              },
              {
                "name": "23758",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/23758"
              },
              {
                "name": "23705",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/23705"
              },
              {
                "name": "23689",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/23689"
              },
              {
                "name": "102803",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUNALERT",
                  "x_transferred"
                ],
                "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102803-1"
              },
              {
                "name": "1017495",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1017495"
              },
              {
                "name": "24210",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/24210"
              },
              {
                "name": "SSA:2007-066-02",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SLACKWARE",
                  "x_transferred"
                ],
                "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.393555"
              },
              {
                "name": "RHSA-2007:0003",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2007-0003.html"
              },
              {
                "name": "NetBSD-SA2007-002",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_NETBSD",
                  "x_transferred"
                ],
                "url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2007-002.txt.asc"
              },
              {
                "name": "MDKSA-2007:005",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRIVA",
                  "x_transferred"
                ],
                "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:005"
              },
              {
                "name": "DSA-1249",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "https://www.debian.org/security/2007/dsa-1249"
              },
              {
                "name": "24247",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/24247"
              },
              {
                "name": "[x-org announce] 20070109 X.Org Security Advisory: multiple integer overflows in dbe and render extensions",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://lists.freedesktop.org/archives/xorg-announce/2007-January/000235.html"
              },
              {
                "name": "oval:org.mitre.oval:def:9991",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9991"
              },
              {
                "name": "USN-403-1",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
                  "x_transferred"
                ],
                "url": "http://www.ubuntu.com/usn/usn-403-1"
              },
              {
                "name": "ADV-2007-2233",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/2233"
              },
              {
                "name": "32085",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/32085"
              },
              {
                "name": "xorg-xserver-dbe-overflow(31376)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31376"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-01-09T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Integer overflow in the ProcDbeGetVisualInfo function in the DBE extension for X.Org 6.8.2, 6.9.0, 7.0, and 7.1, and XFree86 X server, allows local users to execute arbitrary code via a crafted X protocol request that triggers memory corruption during processing of unspecified data structures."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-10-10T00:57:01.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "ADV-2007-0108",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/0108"
            },
            {
              "name": "ADV-2007-0669",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/0669"
            },
            {
              "name": "SUSE-SA:2007:008",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://www.novell.com/linux/security/advisories/2007_08_x.html"
            },
            {
              "name": "21968",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/21968"
            },
            {
              "name": "23789",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/23789"
            },
            {
              "name": "HPSBUX02225",
              "tags": [
                "vendor-advisory",
                "x_refsource_HP"
              ],
              "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c01075678"
            },
            {
              "name": "24168",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/24168"
            },
            {
              "name": "23633",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/23633"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-074.htm"
            },
            {
              "name": "23670",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/23670"
            },
            {
              "name": "20070109 Multiple Vendor X Server DBE Extension ProcDbeGetVisualInfo Memory Corruption Vulnerability",
              "tags": [
                "third-party-advisory",
                "x_refsource_IDEFENSE"
              ],
              "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=464"
            },
            {
              "name": "24401",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/24401"
            },
            {
              "name": "23684",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/23684"
            },
            {
              "name": "RHSA-2007:0002",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2007-0002.html"
            },
            {
              "name": "ADV-2007-0589",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/0589"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://issues.rpath.com/browse/RPL-920"
            },
            {
              "name": "ADV-2007-0109",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/0109"
            },
            {
              "name": "23966",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/23966"
            },
            {
              "name": "GLSA-200701-25",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "http://security.gentoo.org/glsa/glsa-200701-25.xml"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-066.htm"
            },
            {
              "name": "SSRT071295",
              "tags": [
                "vendor-advisory",
                "x_refsource_HP"
              ],
              "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c01075678"
            },
            {
              "name": "23698",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/23698"
            },
            {
              "name": "25802",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/25802"
            },
            {
              "name": "23758",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/23758"
            },
            {
              "name": "23705",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/23705"
            },
            {
              "name": "23689",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/23689"
            },
            {
              "name": "102803",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUNALERT"
              ],
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102803-1"
            },
            {
              "name": "1017495",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1017495"
            },
            {
              "name": "24210",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/24210"
            },
            {
              "name": "SSA:2007-066-02",
              "tags": [
                "vendor-advisory",
                "x_refsource_SLACKWARE"
              ],
              "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.393555"
            },
            {
              "name": "RHSA-2007:0003",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2007-0003.html"
            },
            {
              "name": "NetBSD-SA2007-002",
              "tags": [
                "vendor-advisory",
                "x_refsource_NETBSD"
              ],
              "url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2007-002.txt.asc"
            },
            {
              "name": "MDKSA-2007:005",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRIVA"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:005"
            },
            {
              "name": "DSA-1249",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "https://www.debian.org/security/2007/dsa-1249"
            },
            {
              "name": "24247",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/24247"
            },
            {
              "name": "[x-org announce] 20070109 X.Org Security Advisory: multiple integer overflows in dbe and render extensions",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://lists.freedesktop.org/archives/xorg-announce/2007-January/000235.html"
            },
            {
              "name": "oval:org.mitre.oval:def:9991",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9991"
            },
            {
              "name": "USN-403-1",
              "tags": [
                "vendor-advisory",
                "x_refsource_UBUNTU"
              ],
              "url": "http://www.ubuntu.com/usn/usn-403-1"
            },
            {
              "name": "ADV-2007-2233",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/2233"
            },
            {
              "name": "32085",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/32085"
            },
            {
              "name": "xorg-xserver-dbe-overflow(31376)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31376"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2006-6102",
        "datePublished": "2007-01-09T23:00:00.000Z",
        "dateReserved": "2006-11-24T00:00:00.000Z",
        "dateUpdated": "2024-08-07T20:12:31.657Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-3740 (GCVE-0-2006-3740)

    Vulnerability from cvelistv5 – Published: 2006-09-13 01:00 – Updated: 2024-08-07 18:39
    VLAI
    Summary
    Integer overflow in the scan_cidfont function in X.Org 6.8.2 and XFree86 X server allows local users to execute arbitrary code via crafted (1) CMap and (2) CIDFont font data with modified item counts in the (a) begincodespacerange, (b) cidrange, and (c) notdefrange sections.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://secunia.com/advisories/23907 third-party-advisoryx_refsource_SECUNIA
    http://www.redhat.com/support/errata/RHSA-2006-06… vendor-advisoryx_refsource_REDHAT
    http://support.avaya.com/elmodocs2/security/ASA-2… x_refsource_CONFIRM
    http://secunia.com/advisories/21900 third-party-advisoryx_refsource_SECUNIA
    http://www.mandriva.com/security/advisories?name=… vendor-advisoryx_refsource_MANDRIVA
    http://secunia.com/advisories/21904 third-party-advisoryx_refsource_SECUNIA
    http://www.novell.com/linux/security/advisories/2… vendor-advisoryx_refsource_SUSE
    http://secunia.com/advisories/21864 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/21894 third-party-advisoryx_refsource_SECUNIA
    http://www.ubuntu.com/usn/usn-344-1 vendor-advisoryx_refsource_UBUNTU
    http://secunia.com/advisories/21889 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/21908 third-party-advisoryx_refsource_SECUNIA
    http://www.redhat.com/support/errata/RHSA-2006-06… vendor-advisoryx_refsource_REDHAT
    http://secunia.com/advisories/22141 third-party-advisoryx_refsource_SECUNIA
    http://support.avaya.com/elmodocs2/security/ASA-2… x_refsource_CONFIRM
    http://www.vupen.com/english/advisories/2007/1171 vdb-entryx_refsource_VUPEN
    http://www.debian.org/security/2006/dsa-1193 vendor-advisoryx_refsource_DEBIAN
    http://secunia.com/advisories/22080 third-party-advisoryx_refsource_SECUNIA
    https://issues.rpath.com/browse/RPL-614 x_refsource_CONFIRM
    http://www.vmware.com/support/esx25/doc/esx-254-2… x_refsource_CONFIRM
    http://secunia.com/advisories/22332 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/22560 third-party-advisoryx_refsource_SECUNIA
    http://www.securityfocus.com/archive/1/464268/100… mailing-listx_refsource_BUGTRAQ
    http://secunia.com/advisories/23033 third-party-advisoryx_refsource_SECUNIA
    http://www.securityfocus.com/archive/1/445812/100… mailing-listx_refsource_BUGTRAQ
    http://www.idefense.com/intelligence/vulnerabilit… third-party-advisoryx_refsource_IDEFENSE
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    http://security.gentoo.org/glsa/glsa-200609-07.xml vendor-advisoryx_refsource_GENTOO
    http://sunsolve.sun.com/search/document.do?assetk… vendor-advisoryx_refsource_SUNALERT
    http://secunia.com/advisories/24636 third-party-advisoryx_refsource_SECUNIA
    http://www.vupen.com/english/advisories/2007/0322 vdb-entryx_refsource_VUPEN
    http://secunia.com/advisories/21890 third-party-advisoryx_refsource_SECUNIA
    http://www.securityfocus.com/bid/19974 vdb-entryx_refsource_BID
    http://securitytracker.com/id?1016828 vdb-entryx_refsource_SECTRACK
    http://www.vupen.com/english/advisories/2006/3581 vdb-entryx_refsource_VUPEN
    http://secunia.com/advisories/21924 third-party-advisoryx_refsource_SECUNIA
    http://www.vupen.com/english/advisories/2006/3582 vdb-entryx_refsource_VUPEN
    http://secunia.com/advisories/23899 third-party-advisoryx_refsource_SECUNIA
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    Date Public
    2006-09-12 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T18:39:54.017Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "23907",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/23907"
              },
              {
                "name": "RHSA-2006:0666",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2006-0666.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-191.htm"
              },
              {
                "name": "21900",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/21900"
              },
              {
                "name": "MDKSA-2006:164",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRIVA",
                  "x_transferred"
                ],
                "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:164"
              },
              {
                "name": "21904",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/21904"
              },
              {
                "name": "SUSE-SR:2006:023",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://www.novell.com/linux/security/advisories/2006_23_sr.html"
              },
              {
                "name": "21864",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/21864"
              },
              {
                "name": "21894",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/21894"
              },
              {
                "name": "USN-344-1",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
                  "x_transferred"
                ],
                "url": "http://www.ubuntu.com/usn/usn-344-1"
              },
              {
                "name": "21889",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/21889"
              },
              {
                "name": "21908",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/21908"
              },
              {
                "name": "RHSA-2006:0665",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2006-0665.html"
              },
              {
                "name": "22141",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/22141"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-190.htm"
              },
              {
                "name": "ADV-2007-1171",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/1171"
              },
              {
                "name": "DSA-1193",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2006/dsa-1193"
              },
              {
                "name": "22080",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/22080"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://issues.rpath.com/browse/RPL-614"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.vmware.com/support/esx25/doc/esx-254-200702-patch.html"
              },
              {
                "name": "22332",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/22332"
              },
              {
                "name": "22560",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/22560"
              },
              {
                "name": "20070330 VMSA-2007-0002 VMware ESX security updates",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/464268/100/0/threaded"
              },
              {
                "name": "23033",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/23033"
              },
              {
                "name": "20060912 rPSA-2006-0167-1 xorg-x11 xorg-x11-fonts xorg-x11-tools xorg-x11-xfs",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/445812/100/0/threaded"
              },
              {
                "name": "20060912 Multiple Vendor X Server CID-keyed Fonts \u0027scan_cidfont()\u0027 Integer Overflow Vulnerability",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_IDEFENSE",
                  "x_transferred"
                ],
                "url": "http://www.idefense.com/intelligence/vulnerabilities/display.php?id=411"
              },
              {
                "name": "oval:org.mitre.oval:def:9454",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9454"
              },
              {
                "name": "GLSA-200609-07",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "http://security.gentoo.org/glsa/glsa-200609-07.xml"
              },
              {
                "name": "102780",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUNALERT",
                  "x_transferred"
                ],
                "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102780-1"
              },
              {
                "name": "24636",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/24636"
              },
              {
                "name": "ADV-2007-0322",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/0322"
              },
              {
                "name": "21890",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/21890"
              },
              {
                "name": "19974",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/19974"
              },
              {
                "name": "1016828",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1016828"
              },
              {
                "name": "ADV-2006-3581",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/3581"
              },
              {
                "name": "21924",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/21924"
              },
              {
                "name": "ADV-2006-3582",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/3582"
              },
              {
                "name": "23899",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/23899"
              },
              {
                "name": "xorg-server-scancidfont-overflow(28890)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28890"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-09-12T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Integer overflow in the scan_cidfont function in X.Org 6.8.2 and XFree86 X server allows local users to execute arbitrary code via crafted (1) CMap and (2) CIDFont font data with modified item counts in the (a) begincodespacerange, (b) cidrange, and (c) notdefrange sections."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-17T20:57:01.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "23907",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/23907"
            },
            {
              "name": "RHSA-2006:0666",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2006-0666.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-191.htm"
            },
            {
              "name": "21900",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/21900"
            },
            {
              "name": "MDKSA-2006:164",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRIVA"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:164"
            },
            {
              "name": "21904",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/21904"
            },
            {
              "name": "SUSE-SR:2006:023",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://www.novell.com/linux/security/advisories/2006_23_sr.html"
            },
            {
              "name": "21864",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/21864"
            },
            {
              "name": "21894",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/21894"
            },
            {
              "name": "USN-344-1",
              "tags": [
                "vendor-advisory",
                "x_refsource_UBUNTU"
              ],
              "url": "http://www.ubuntu.com/usn/usn-344-1"
            },
            {
              "name": "21889",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/21889"
            },
            {
              "name": "21908",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/21908"
            },
            {
              "name": "RHSA-2006:0665",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2006-0665.html"
            },
            {
              "name": "22141",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/22141"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-190.htm"
            },
            {
              "name": "ADV-2007-1171",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/1171"
            },
            {
              "name": "DSA-1193",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2006/dsa-1193"
            },
            {
              "name": "22080",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/22080"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://issues.rpath.com/browse/RPL-614"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.vmware.com/support/esx25/doc/esx-254-200702-patch.html"
            },
            {
              "name": "22332",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/22332"
            },
            {
              "name": "22560",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/22560"
            },
            {
              "name": "20070330 VMSA-2007-0002 VMware ESX security updates",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/464268/100/0/threaded"
            },
            {
              "name": "23033",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/23033"
            },
            {
              "name": "20060912 rPSA-2006-0167-1 xorg-x11 xorg-x11-fonts xorg-x11-tools xorg-x11-xfs",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/445812/100/0/threaded"
            },
            {
              "name": "20060912 Multiple Vendor X Server CID-keyed Fonts \u0027scan_cidfont()\u0027 Integer Overflow Vulnerability",
              "tags": [
                "third-party-advisory",
                "x_refsource_IDEFENSE"
              ],
              "url": "http://www.idefense.com/intelligence/vulnerabilities/display.php?id=411"
            },
            {
              "name": "oval:org.mitre.oval:def:9454",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9454"
            },
            {
              "name": "GLSA-200609-07",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "http://security.gentoo.org/glsa/glsa-200609-07.xml"
            },
            {
              "name": "102780",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUNALERT"
              ],
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102780-1"
            },
            {
              "name": "24636",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/24636"
            },
            {
              "name": "ADV-2007-0322",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/0322"
            },
            {
              "name": "21890",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/21890"
            },
            {
              "name": "19974",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/19974"
            },
            {
              "name": "1016828",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1016828"
            },
            {
              "name": "ADV-2006-3581",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/3581"
            },
            {
              "name": "21924",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/21924"
            },
            {
              "name": "ADV-2006-3582",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/3582"
            },
            {
              "name": "23899",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/23899"
            },
            {
              "name": "xorg-server-scancidfont-overflow(28890)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28890"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2006-3740",
        "datePublished": "2006-09-13T01:00:00.000Z",
        "dateReserved": "2006-07-20T00:00:00.000Z",
        "dateUpdated": "2024-08-07T18:39:54.017Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-3739 (GCVE-0-2006-3739)

    Vulnerability from cvelistv5 – Published: 2006-09-13 01:00 – Updated: 2024-08-07 18:39
    VLAI
    Summary
    Integer overflow in the CIDAFM function in X.Org 6.8.2 and XFree86 X server allows local users to execute arbitrary code via crafted Adobe Font Metrics (AFM) files with a modified number of character metrics (StartCharMetrics), which leads to a heap-based buffer overflow.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.redhat.com/support/errata/RHSA-2006-06… vendor-advisoryx_refsource_REDHAT
    http://support.avaya.com/elmodocs2/security/ASA-2… x_refsource_CONFIRM
    http://secunia.com/advisories/21900 third-party-advisoryx_refsource_SECUNIA
    http://www.mandriva.com/security/advisories?name=… vendor-advisoryx_refsource_MANDRIVA
    http://secunia.com/advisories/21904 third-party-advisoryx_refsource_SECUNIA
    http://www.novell.com/linux/security/advisories/2… vendor-advisoryx_refsource_SUSE
    http://secunia.com/advisories/21864 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/21894 third-party-advisoryx_refsource_SECUNIA
    http://www.ubuntu.com/usn/usn-344-1 vendor-advisoryx_refsource_UBUNTU
    http://secunia.com/advisories/21889 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/21908 third-party-advisoryx_refsource_SECUNIA
    http://sunsolve.sun.com/search/document.do?assetk… vendor-advisoryx_refsource_SUNALERT
    http://www.redhat.com/support/errata/RHSA-2006-06… vendor-advisoryx_refsource_REDHAT
    http://secunia.com/advisories/22141 third-party-advisoryx_refsource_SECUNIA
    http://support.avaya.com/elmodocs2/security/ASA-2… x_refsource_CONFIRM
    http://www.vupen.com/english/advisories/2007/1171 vdb-entryx_refsource_VUPEN
    http://www.debian.org/security/2006/dsa-1193 vendor-advisoryx_refsource_DEBIAN
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://secunia.com/advisories/22080 third-party-advisoryx_refsource_SECUNIA
    https://issues.rpath.com/browse/RPL-614 x_refsource_CONFIRM
    http://www.vmware.com/support/esx25/doc/esx-254-2… x_refsource_CONFIRM
    http://secunia.com/advisories/22332 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/22560 third-party-advisoryx_refsource_SECUNIA
    http://www.securityfocus.com/archive/1/464268/100… mailing-listx_refsource_BUGTRAQ
    http://secunia.com/advisories/23033 third-party-advisoryx_refsource_SECUNIA
    http://www.securityfocus.com/archive/1/445812/100… mailing-listx_refsource_BUGTRAQ
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    http://security.gentoo.org/glsa/glsa-200609-07.xml vendor-advisoryx_refsource_GENTOO
    http://sunsolve.sun.com/search/document.do?assetk… vendor-advisoryx_refsource_SUNALERT
    http://www.idefense.com/intelligence/vulnerabilit… third-party-advisoryx_refsource_IDEFENSE
    http://secunia.com/advisories/24636 third-party-advisoryx_refsource_SECUNIA
    http://www.vupen.com/english/advisories/2007/0322 vdb-entryx_refsource_VUPEN
    http://secunia.com/advisories/21890 third-party-advisoryx_refsource_SECUNIA
    http://www.securityfocus.com/bid/19974 vdb-entryx_refsource_BID
    http://securitytracker.com/id?1016828 vdb-entryx_refsource_SECTRACK
    http://www.vupen.com/english/advisories/2006/3581 vdb-entryx_refsource_VUPEN
    http://secunia.com/advisories/21924 third-party-advisoryx_refsource_SECUNIA
    http://www.vupen.com/english/advisories/2006/3582 vdb-entryx_refsource_VUPEN
    http://secunia.com/advisories/23899 third-party-advisoryx_refsource_SECUNIA
    Date Public
    2006-09-12 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T18:39:54.038Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "RHSA-2006:0666",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2006-0666.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-191.htm"
              },
              {
                "name": "21900",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/21900"
              },
              {
                "name": "MDKSA-2006:164",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRIVA",
                  "x_transferred"
                ],
                "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:164"
              },
              {
                "name": "21904",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/21904"
              },
              {
                "name": "SUSE-SR:2006:023",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://www.novell.com/linux/security/advisories/2006_23_sr.html"
              },
              {
                "name": "21864",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/21864"
              },
              {
                "name": "21894",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/21894"
              },
              {
                "name": "USN-344-1",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
                  "x_transferred"
                ],
                "url": "http://www.ubuntu.com/usn/usn-344-1"
              },
              {
                "name": "21889",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/21889"
              },
              {
                "name": "21908",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/21908"
              },
              {
                "name": "102714",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUNALERT",
                  "x_transferred"
                ],
                "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102714-1"
              },
              {
                "name": "RHSA-2006:0665",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2006-0665.html"
              },
              {
                "name": "22141",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/22141"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-190.htm"
              },
              {
                "name": "ADV-2007-1171",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/1171"
              },
              {
                "name": "DSA-1193",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2006/dsa-1193"
              },
              {
                "name": "xorg-server-cidafm-overflow(28899)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28899"
              },
              {
                "name": "22080",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/22080"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://issues.rpath.com/browse/RPL-614"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.vmware.com/support/esx25/doc/esx-254-200702-patch.html"
              },
              {
                "name": "22332",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/22332"
              },
              {
                "name": "22560",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/22560"
              },
              {
                "name": "20070330 VMSA-2007-0002 VMware ESX security updates",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/464268/100/0/threaded"
              },
              {
                "name": "23033",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/23033"
              },
              {
                "name": "20060912 rPSA-2006-0167-1 xorg-x11 xorg-x11-fonts xorg-x11-tools xorg-x11-xfs",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/445812/100/0/threaded"
              },
              {
                "name": "oval:org.mitre.oval:def:10305",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10305"
              },
              {
                "name": "GLSA-200609-07",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "http://security.gentoo.org/glsa/glsa-200609-07.xml"
              },
              {
                "name": "102780",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUNALERT",
                  "x_transferred"
                ],
                "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102780-1"
              },
              {
                "name": "20060912 Multiple Vendor X Server CID-keyed Fonts \u0027CIDAFM()\u0027 Integer Overflow Vulnerability",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_IDEFENSE",
                  "x_transferred"
                ],
                "url": "http://www.idefense.com/intelligence/vulnerabilities/display.php?id=412"
              },
              {
                "name": "24636",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/24636"
              },
              {
                "name": "ADV-2007-0322",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/0322"
              },
              {
                "name": "21890",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/21890"
              },
              {
                "name": "19974",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/19974"
              },
              {
                "name": "1016828",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1016828"
              },
              {
                "name": "ADV-2006-3581",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/3581"
              },
              {
                "name": "21924",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/21924"
              },
              {
                "name": "ADV-2006-3582",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/3582"
              },
              {
                "name": "23899",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/23899"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-09-12T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Integer overflow in the CIDAFM function in X.Org 6.8.2 and XFree86 X server allows local users to execute arbitrary code via crafted Adobe Font Metrics (AFM) files with a modified number of character metrics (StartCharMetrics), which leads to a heap-based buffer overflow."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-17T20:57:01.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "RHSA-2006:0666",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2006-0666.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-191.htm"
            },
            {
              "name": "21900",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/21900"
            },
            {
              "name": "MDKSA-2006:164",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRIVA"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:164"
            },
            {
              "name": "21904",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/21904"
            },
            {
              "name": "SUSE-SR:2006:023",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://www.novell.com/linux/security/advisories/2006_23_sr.html"
            },
            {
              "name": "21864",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/21864"
            },
            {
              "name": "21894",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/21894"
            },
            {
              "name": "USN-344-1",
              "tags": [
                "vendor-advisory",
                "x_refsource_UBUNTU"
              ],
              "url": "http://www.ubuntu.com/usn/usn-344-1"
            },
            {
              "name": "21889",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/21889"
            },
            {
              "name": "21908",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/21908"
            },
            {
              "name": "102714",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUNALERT"
              ],
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102714-1"
            },
            {
              "name": "RHSA-2006:0665",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2006-0665.html"
            },
            {
              "name": "22141",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/22141"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-190.htm"
            },
            {
              "name": "ADV-2007-1171",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/1171"
            },
            {
              "name": "DSA-1193",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2006/dsa-1193"
            },
            {
              "name": "xorg-server-cidafm-overflow(28899)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28899"
            },
            {
              "name": "22080",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/22080"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://issues.rpath.com/browse/RPL-614"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.vmware.com/support/esx25/doc/esx-254-200702-patch.html"
            },
            {
              "name": "22332",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/22332"
            },
            {
              "name": "22560",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/22560"
            },
            {
              "name": "20070330 VMSA-2007-0002 VMware ESX security updates",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/464268/100/0/threaded"
            },
            {
              "name": "23033",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/23033"
            },
            {
              "name": "20060912 rPSA-2006-0167-1 xorg-x11 xorg-x11-fonts xorg-x11-tools xorg-x11-xfs",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/445812/100/0/threaded"
            },
            {
              "name": "oval:org.mitre.oval:def:10305",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10305"
            },
            {
              "name": "GLSA-200609-07",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "http://security.gentoo.org/glsa/glsa-200609-07.xml"
            },
            {
              "name": "102780",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUNALERT"
              ],
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102780-1"
            },
            {
              "name": "20060912 Multiple Vendor X Server CID-keyed Fonts \u0027CIDAFM()\u0027 Integer Overflow Vulnerability",
              "tags": [
                "third-party-advisory",
                "x_refsource_IDEFENSE"
              ],
              "url": "http://www.idefense.com/intelligence/vulnerabilities/display.php?id=412"
            },
            {
              "name": "24636",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/24636"
            },
            {
              "name": "ADV-2007-0322",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/0322"
            },
            {
              "name": "21890",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/21890"
            },
            {
              "name": "19974",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/19974"
            },
            {
              "name": "1016828",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1016828"
            },
            {
              "name": "ADV-2006-3581",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/3581"
            },
            {
              "name": "21924",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/21924"
            },
            {
              "name": "ADV-2006-3582",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/3582"
            },
            {
              "name": "23899",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/23899"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2006-3739",
        "datePublished": "2006-09-13T01:00:00.000Z",
        "dateReserved": "2006-07-20T00:00:00.000Z",
        "dateUpdated": "2024-08-07T18:39:54.038Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-0197 (GCVE-0-2006-0197)

    Vulnerability from cvelistv5 – Published: 2006-01-13 23:00 – Updated: 2024-08-07 16:25
    VLAI
    Summary
    The XClientMessageEvent struct used in certain components of X.Org 6.8.2 and earlier, possibly including (1) the X server and (2) Xlib, uses a "long" specifier for elements of the l array, which results in inconsistent sizes in the struct on 32-bit versus 64-bit platforms, and might allow attackers to cause a denial of service (application crash) and possibly conduct other attacks.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/archive/1/421256/100… mailing-listx_refsource_BUGTRAQ
    Date Public
    2006-01-08 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T16:25:33.986Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20060108 xorg server 6.8.2 and below on 64bit arch",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/421256/100/0/threaded"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-01-08T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The XClientMessageEvent struct used in certain components of X.Org 6.8.2 and earlier, possibly including (1) the X server and (2) Xlib, uses a \"long\" specifier for elements of the l array, which results in inconsistent sizes in the struct on 32-bit versus 64-bit platforms, and might allow attackers to cause a denial of service (application crash) and possibly conduct other attacks."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-19T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "20060108 xorg server 6.8.2 and below on 64bit arch",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/421256/100/0/threaded"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-0197",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The XClientMessageEvent struct used in certain components of X.Org 6.8.2 and earlier, possibly including (1) the X server and (2) Xlib, uses a \"long\" specifier for elements of the l array, which results in inconsistent sizes in the struct on 32-bit versus 64-bit platforms, and might allow attackers to cause a denial of service (application crash) and possibly conduct other attacks."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20060108 xorg server 6.8.2 and below on 64bit arch",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/421256/100/0/threaded"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-0197",
        "datePublished": "2006-01-13T23:00:00.000Z",
        "dateReserved": "2006-01-13T00:00:00.000Z",
        "dateUpdated": "2024-08-07T16:25:33.986Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }