CVE-2011-0465 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	9.3 UNKNOWN	NETWORK	MEDIUM		AV:N/AC:M/Au:N/C:C/I:C/A:C

Base Score

CVSS 3.x

EPSS Score

Percentile: 95%

Affected Products (NVD)

Vendor	Product	Version
matthias_hopf	xrdb	𝑥 ≤ 1.0.8
matthias_hopf	xrdb	1.0.2
matthias_hopf	xrdb	1.0.3
matthias_hopf	xrdb	1.0.4
matthias_hopf	xrdb	1.0.5
matthias_hopf	xrdb	1.0.6
matthias_hopf	xrdb	1.0.7
x	x11	𝑥 ≤ r7.6
x	x11	r6.1
x	x11	r6.3
x	x11	r6.4
x	x11	r6.5.1
x	x11	r6.6
x	x11	r6.7
x	x11	r6.7.0
x	x11	r6.8.0
x	x11	r6.8.1
x	x11	r6.8.2
x	x11	r6.9.0
x	x11	r7.0
x	x11	r7.1
x	x11	r7.2
x	x11	r7.3
x	x11	r7.4
x	x11	r7.5

𝑥

= Vulnerable software versions

Debian Releases

Debian Product

Codename

x11-xserver-utils

bookworm	7.7+9 fixed
bullseye	7.7+8 fixed
sid	7.7+10 fixed
trixie	7.7+10 fixed

Ubuntu Releases

Ubuntu Product

Codename

x11-xserver-utils

dapper	dne
hardy	Fixed 7.3+2ubuntu0.1 released
karmic	Fixed 7.4+2ubuntu3.1 released
lucid	Fixed 7.5+1ubuntu2.1 released
maverick	Fixed 7.5+2ubuntu1.1 released

openSUSE / SLES Releases

openSUSE Product

Release

xrdb

suse enterprise desktop 15	1.1.0-1.24 fixed
suse enterprise desktop 15 SP1	1.1.0-3.4.1 fixed
suse enterprise desktop 15 SP2	1.1.0-3.4.1 fixed
suse enterprise desktop 15 SP3	1.1.0-3.4.1 fixed
suse enterprise desktop 15 SP4	1.1.0-3.4.1 fixed
suse enterprise desktop 15 SP5	1.1.0-3.4.1 fixed
suse enterprise desktop 15 SP6	1.1.0-150000.3.7.1 fixed
suse enterprise desktop 15 SP7	1.1.0-150000.3.7.1 fixed
suse enterprise sap 15	1.1.0-1.24 fixed
suse enterprise sap 15 SP1	1.1.0-3.4.1 fixed
suse enterprise sap 15 SP2	1.1.0-3.4.1 fixed
suse enterprise sap 15 SP3	1.1.0-3.4.1 fixed
suse enterprise sap 15 SP4	1.1.0-3.4.1 fixed
suse enterprise sap 15 SP5	1.1.0-3.4.1 fixed
suse enterprise sap 15 SP6	1.1.0-150000.3.7.1 fixed
suse enterprise sap 15 SP7	1.1.0-150000.3.7.1 fixed
suse enterprise server 12	1.1.0-3.58 fixed
suse enterprise server 12 SP2	1.1.0-3.58 fixed
suse enterprise server 12 SP3	1.1.0-3.58 fixed
suse enterprise server 12 SP4	1.1.0-3.58 fixed
suse enterprise server 15	1.1.0-1.24 fixed
suse enterprise server 15 SP1	1.1.0-3.4.1 fixed
suse enterprise server 15 SP2	1.1.0-3.4.1 fixed
suse enterprise server 15 SP3	1.1.0-3.4.1 fixed
suse enterprise server 15 SP4	1.1.0-3.4.1 fixed
suse enterprise server 15 SP5	1.1.0-3.4.1 fixed
suse enterprise server 15 SP6	1.1.0-150000.3.7.1 fixed
suse enterprise server 15 SP7	1.1.0-150000.3.7.1 fixed

Red Hat Enterprise Linux Releases

Red Hat Product

Release

xorg-x11-server-utils

RHEL 6

0:7.4-15.el6_0.1

fixed

Common Weakness Enumeration

CWE-20 - Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References

http://cgit.freedesktop.org/xorg/app/xrdb/commit/?id=1027d5df07398c1507fb1fe3a9981aa6b4bc3a56

http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057928.html

http://lists.freedesktop.org/archives/xorg-announce/2011-April/001635.html

http://lists.freedesktop.org/archives/xorg-announce/2011-April/001636.html

http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00002.html

http://secunia.com/advisories/44010

http://secunia.com/advisories/44012

http://secunia.com/advisories/44040

http://secunia.com/advisories/44082

http://secunia.com/advisories/44122

http://secunia.com/advisories/44123

http://secunia.com/advisories/44193

http://slackware.com/security/viewer.php?l=slackware-security&y=2011&m=slackware-security.465748

http://www.debian.org/security/2011/dsa-2213

http://www.mandriva.com/security/advisories?name=MDVSA-2011:076

http://www.redhat.com/support/errata/RHSA-2011-0432.html

http://www.redhat.com/support/errata/RHSA-2011-0433.html

http://www.securityfocus.com/bid/47189

http://www.securitytracker.com/id?1025317

http://www.ubuntu.com/usn/USN-1107-1

http://www.vupen.com/english/advisories/2011/0880

http://www.vupen.com/english/advisories/2011/0889

http://www.vupen.com/english/advisories/2011/0906

http://www.vupen.com/english/advisories/2011/0929

http://www.vupen.com/english/advisories/2011/0966

http://www.vupen.com/english/advisories/2011/0975

https://bugzilla.redhat.com/show_bug.cgi?id=680196

https://exchange.xforce.ibmcloud.com/vulnerabilities/66585

https://lwn.net/Articles/437150/

http://cgit.freedesktop.org/xorg/app/xrdb/commit/?id=1027d5df07398c1507fb1fe3a9981aa6b4bc3a56

http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057928.html

http://lists.freedesktop.org/archives/xorg-announce/2011-April/001635.html

http://lists.freedesktop.org/archives/xorg-announce/2011-April/001636.html

http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00002.html

http://secunia.com/advisories/44010

http://secunia.com/advisories/44012

http://secunia.com/advisories/44040

http://secunia.com/advisories/44082

http://secunia.com/advisories/44122

http://secunia.com/advisories/44123

http://secunia.com/advisories/44193

http://slackware.com/security/viewer.php?l=slackware-security&y=2011&m=slackware-security.465748

http://www.debian.org/security/2011/dsa-2213

http://www.mandriva.com/security/advisories?name=MDVSA-2011:076

http://www.redhat.com/support/errata/RHSA-2011-0432.html

http://www.redhat.com/support/errata/RHSA-2011-0433.html

http://www.securityfocus.com/bid/47189

http://www.securitytracker.com/id?1025317

http://www.ubuntu.com/usn/USN-1107-1

http://www.vupen.com/english/advisories/2011/0880

http://www.vupen.com/english/advisories/2011/0889

http://www.vupen.com/english/advisories/2011/0906

http://www.vupen.com/english/advisories/2011/0929

http://www.vupen.com/english/advisories/2011/0966

http://www.vupen.com/english/advisories/2011/0975

https://bugzilla.redhat.com/show_bug.cgi?id=680196

https://exchange.xforce.ibmcloud.com/vulnerabilities/66585

https://lwn.net/Articles/437150/