Multiple buffer overflows in WindowMaker 0.52 through 0.60.0 allow attackers to cause a denial of service and possibly execute arbitrary commands by executing WindowMaker with a long program name (argv[0]).
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| windowmaker | windowmaker | * |
wmmon in FreeBSD allows local users to gain privileges via the .wmmonrc configuration file.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| windowmaker | wmmon | 1.0b2 |
Buffer overflow in UnixWare i2odialogd daemon allows remote attackers to gain root access via a long username/password authorization string.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| sco | unixware | 7.1 |
| windowmaker | wmmon | 1.0b2 |
Buffer overflow in WindowMaker (aka wmaker) 0.64 and earlier allows remote attackers to execute arbitrary code via a long window title.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| windowmaker | windowmaker | 0.62.1 |
| windowmaker | windowmaker | 0.61 |
| windowmaker | windowmaker | 0.62 |
| windowmaker | windowmaker | 0.63.1 |
| windowmaker | windowmaker | * |
| windowmaker | windowmaker | 0.61.1 |
| windowmaker | windowmaker | 0.60 |
| windowmaker | windowmaker | 0.63 |
Buffer overflow in Window Maker (wmaker) 0.80.0 and earlier may allow remote attackers to execute arbitrary code via a certain image file that is not properly handled when Window Maker uses width and height information to allocate a buffer.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| windowmaker | windowmaker | 0.62.1 |
| windowmaker | windowmaker | 0.62 |
| windowmaker | windowmaker | 0.63.1 |
| windowmaker | windowmaker | 0.20.1.3 |
| windowmaker | windowmaker | 0.52.2 |
| windowmaker | windowmaker | 0.65 |
| windowmaker | windowmaker | 0.61 |
| windowmaker | windowmaker | 0.53 |
| windowmaker | windowmaker | 0.61.1 |
| windowmaker | windowmaker | 0.80 |
| windowmaker | windowmaker | 0.63 |
| windowmaker | windowmaker | 0.64 |
Unspecified vulnerability in Window Maker 0.80.2 and earlier allows attackers to perform unknown actions via format string specifiers in a font specification in WMGLOBAL, probably a format string vulnerability.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-134,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| windowmaker | windowmaker | 0.62.1 |
| windowmaker | windowmaker | 0.65.1 |
| windowmaker | windowmaker | 0.80.2 |
| windowmaker | windowmaker | 0.62 |
| windowmaker | windowmaker | 0.63.1 |
| windowmaker | windowmaker | 0.20.1.3 |
| windowmaker | windowmaker | 0.52.2 |
| windowmaker | windowmaker | 0.65 |
| windowmaker | windowmaker | 0.60.0 |
| windowmaker | windowmaker | 0.61 |
| windowmaker | windowmaker | 0.53 |
| windowmaker | windowmaker | 0.61.1 |
| windowmaker | windowmaker | 0.80 |
| windowmaker | windowmaker | 0.60 |
| windowmaker | windowmaker | 0.63 |
| windowmaker | windowmaker | 0.64 |