Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
LookupCol.c in X.Org X through X11R7.7 and libX11 before 1.7.1 might allow remote attackers to execute arbitrary code. The libX11 XLookupColor request (intended for server-side color lookup) contains a flaw allowing a client to send color-name requests with a name longer than the maximum size allowed by the protocol (and also longer than the maximum packet size for normal-sized packets). The user-controlled data exceeding the maximum size is then interpreted by the server as additional X protocol requests and executed, e.g., to disable X server authorization completely. For example, if the victim encounters malicious terminal control sequences for color codes, then the attacker may be able to take full control of the running graphical session.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
X.Org libX11 输入验证错误漏洞
Vulnerability Description
X.Org libX11是X.Org(X.org)基金会的一个X11(X Window系统)客户端库。 libX11 存在输入验证错误漏洞,该漏洞源于XLookupColor和其他X库函数缺乏对其字符串参数长度的适当验证。
CVSS Information
N/A
Vulnerability Type
N/A