MidnightBSD

Advisories for xi_graphics

CVE-1999-0778 HIGH

Buffer overflow in Xi Graphics Accelerated-X server allows local users to gain root access via a long display or query parameter.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
xi_graphics accelerated-x_server 4
xi_graphics accelerated-x_server 5
CVE-2002-0677 HIGH

CDE ToolTalk database server (ttdbserver) allows remote attackers to overwrite arbitrary memory locations with a zero, and possibly gain privileges, via a file descriptor argument in an AUTH_UNIX procedure call, which is used as a table index by the _TT_ISCLOSE procedure.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
caldera unixware 7.1.1
sgi irix 6.5.2
hp hp-ux 11.11
sgi irix 6.5.12
sgi irix 6.0.1
sun sunos 5.5.1
sgi irix 6.5.5
sgi irix 6.0
caldera unixware 7.1_.0
hp hp-ux 10.10
hp hp-ux 11.00
sgi irix 6.5
ibm aix 4.3.3
sgi irix 6.5.13
xi_graphics dextop 2.1
sgi irix 6.2
sgi irix 6.3
sun sunos 5.8
compaq tru64 4.0g
compaq tru64 5.1
compaq tru64 5.0a
sgi irix 6.5.11
hp hp-ux 10.24
sgi irix 6.5.15
sgi irix 6.1
sgi irix 6.5.1
sgi irix 5.2
sgi irix 6.4
hp hp-ux 10.20
sgi irix 6.5.3
sgi irix 6.5.7
sgi irix 6.5.4
sgi irix 6.5.10
ibm aix 5.1
compaq tru64 5.1a
sun sunos 5.7
sgi irix 6.5.8
sgi irix 5.3
sgi irix 6.5.6
caldera unixware 7
sgi irix 6.5.16
sun solaris 2.6
sgi irix 6.5.14
caldera openunix 8.0
sgi irix 6.5.9
compaq tru64 4.0f
CVE-2002-0678 HIGH

CDE ToolTalk database server (ttdbserver) allows local users to overwrite arbitrary files via a symlink attack on the transaction log file used by the _TT_TRANSACTION RPC procedure.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
caldera unixware 7.1.1
sgi irix 6.5.2
hp hp-ux 11.11
sgi irix 6.5.12
sgi irix 6.0.1
sun sunos 5.5.1
sgi irix 6.5.5
caldera unixware 7.1.0
sgi irix 6.0
hp hp-ux 10.10
hp hp-ux 11.00
sgi irix 6.5
ibm aix 4.3.3
sgi irix 6.5.13
xi_graphics dextop 2.1
sgi irix 6.2
sgi irix 6.3
sun sunos 5.8
compaq tru64 4.0g
compaq tru64 5.1
compaq tru64 5.0a
sun solaris 9.0
sgi irix 6.5.11
hp hp-ux 10.24
sgi irix 6.5.15
sgi irix 6.1
sgi irix 6.5.1
sgi irix 5.2
sgi irix 6.4
hp hp-ux 10.20
caldera unixware 7.0
sgi irix 6.5.3
sgi irix 6.5.7
sgi irix 6.5.4
sgi irix 6.5.10
ibm aix 5.1
compaq tru64 5.1a
sun sunos 5.7
sgi irix 6.5.8
sgi irix 5.3
sgi irix 6.5.6
sgi irix 6.5.16
sun solaris 2.6
sgi irix 6.5.14
caldera openunix 8.0
sgi irix 6.5.9
compaq tru64 4.0f
CVE-2002-0679 HIGH

Buffer overflow in Common Desktop Environment (CDE) ToolTalk RPC database server (rpc.ttdbserverd) allows remote attackers to execute arbitrary code via an argument to the _TT_CREATE_FILE procedure.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
caldera unixware 7.1.1
hp hp-ux 11.11
hp hp-ux 10.20
caldera unixware 7.0
sun sunos 5.5.1
caldera unixware 7.1.0
hp hp-ux 10.10
hp hp-ux 11.00
ibm aix 5.1
ibm aix 4.3.3
compaq tru64 5.1a
sun sunos 5.7
xi_graphics dextop 2.1
sun solaris 2.6
sun sunos 5.8
compaq tru64 4.0g
caldera openunix 8.0
compaq tru64 5.1
compaq tru64 5.0a
sun solaris 9.0
hp hp-ux 10.24
compaq tru64 4.0f
CVE-2004-0368 HIGH

Double free vulnerability in dtlogin in CDE on Solaris, HP-UX, and other operating systems allows remote attackers to execute arbitrary code via a crafted XDMCP packet.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
open_group cde_common_desktop_environment 2.0
open_group cde_common_desktop_environment 1.0.2
open_group cde_common_desktop_environment 1.0.1
open_group cde_common_desktop_environment 1.2
ibm aix 5.1
ibm aix 4.3.3
xi_graphics dextop 2.1
xi_graphics dextop 3.0
open_group cde_common_desktop_environment 2.1
ibm aix 5.2
open_group cde_common_desktop_environment 1.1
open_group cde_common_desktop_environment 2.1.20