X.org: Security Vulnerabilities
XDM in XFree86 opens a chooserFd TCP socket even when DisplayManager.requestPort is 0, which could allow remote attackers to connect to the port, in violation of the intended restrictions.
CVSS Score
7.5
EPSS Score
0.028
Published
2004-08-18
Race condition in xterm allows local users to modify arbitrary files via the logging option.
CVSS Score
6.2
EPSS Score
0.002
Published
1997-09-19
An X server's access control is disabled (e.g. through an "xhost +" command) and allows anyone to connect to the server.
CVSS Score
10.0
EPSS Score
0.791
Published
1997-07-01
Page 16