Xfree86 Project: >> Xfree86 X Server Security Vulnerabilities
Integer overflow in the ProcDbeGetVisualInfo function in the DBE extension for X.Org 6.8.2, 6.9.0, 7.0, and 7.1, and XFree86 X server, allows local users to execute arbitrary code via a crafted X protocol request that triggers memory corruption during processing of unspecified data structures.
CVSS Score
10.0
EPSS Score
0.025
Published
2006-12-31
dexconf in XFree86 Xserver 4.1.0-2 creates the /dev/dri directory with insecure permissions (666), which allows local users to replace or create files in the root file system.
CVSS Score
3.6
EPSS Score
0.001
Published
2003-07-24