aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authornectar <nectar@FreeBSD.org>2005-06-02 00:52:45 +0800
committernectar <nectar@FreeBSD.org>2005-06-02 00:52:45 +0800
commite081444e6824b43669863e02f8fed093cc44c2c1 (patch)
treebbc5d98b5b3aff6316cfb6b56edfebfd397e4ccf
parent1acd6dcdef8cd80a430d9b2e8a16ef3269a84af1 (diff)
downloadfreebsd-ports-gnome-e081444e6824b43669863e02f8fed093cc44c2c1.tar.gz
freebsd-ports-gnome-e081444e6824b43669863e02f8fed093cc44c2c1.tar.zst
freebsd-ports-gnome-e081444e6824b43669863e02f8fed093cc44c2c1.zip
document a vulnerability in xtrlock
Diffstat
-rw-r--r--security/vuxml/vuln.xml27
1 files changed, 27 insertions, 0 deletions
diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml
index 3bda4b92120a..8e54108e6251 100644
--- a/security/vuxml/vuln.xml
+++ b/security/vuxml/vuln.xml
@@ -32,6 +32,33 @@ EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-->
<vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
+ <vuln vid="f7e8d2ca-410e-40b2-8748-3abd021e44a9">
+ <topic>xtrlock -- X display locking bypass</topic>
+ <affects>
+ <package>
+ <name>xtrlock</name>
+ <range><lt>2.0.10</lt></range>
+ </package>
+ </affects>
+ <description>
+ <body xmlns="http://www.w3.org/1999/xhtml">
+ <p>The X display locking program <code>xtrlock</code> contains
+ an integer overflow bug. It is possible for an attacker with
+ physical access to the system to bypass the display lock.</p>
+ </body>
+ </description>
+ <references>
+ <cvename>CAN-2005-0079</cvename>
+ <url>http://www.debian.org/security/2005/dsa-649</url>
+ <url>http://xforce.iss.net/xforce/xfdb/18991</url>
+ <url>http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=278191</url>
+ </references>
+ <dates>
+ <discovery>2004-10-25</discovery>
+ <entry>2005-06-01</entry>
+ </dates>
+ </vuln>
+
<vuln vid="bf2e7483-d3fa-440d-8c6e-8f1f2f018818">
<topic>linux_base -- vulnerabilities in Red Hat 7.1 libraries</topic>
<affects>
generated by cgit (git 2.34.1) at 2024-11-27 14:52:11 +0800