CVE-2011-0465

xrdb.c in xrdb before 1.0.9 in X.Org X11R7.6 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in a hostname obtained from a (1) DHCP or (2) XDMCP message.

Published: Apr 8, 2011
Updated: Apr 13, 2023
CVE: CVE-2011-0465
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C

CWEs:

CWE-20

Affected Software
References

Software	From	Fixed in
x / x11	r7.0	r7.0.x
x / x11	r3	r3.x
x / x11	r6.1	r6.1.x
x / x11	r6.8.0	r6.8.0.x
matthias_hopf / xrdb	1.0.2	1.0.2.x
x / x11	r6.7	r6.7.x
x / x11	r7.2	r7.2.x
x / x11	r2	r2.x
x / x11	-	r7.6.x
x / x11	r7.1	r7.1.x
x / x11	r7.5	r7.5.x
x / x11	r5	r5.x
x / x11	r6.9.0	r6.9.0.x
x / x11	r7.3	r7.3.x
x / x11	r1	r1.x
x / x11	r6.8.1	r6.8.1.x
x / x11	r6.4	r6.4.x
matthias_hopf / xrdb	1.0.4	1.0.4.x
matthias_hopf / xrdb	-	1.0.8.x
matthias_hopf / xrdb	1.0.7	1.0.7.x
matthias_hopf / xrdb	1.0.5	1.0.5.x
x / x11	r4	r4.x
x / x11	r7.4	r7.4.x
matthias_hopf / xrdb	1.0.3	1.0.3.x
x / x11	r6.6	r6.6.x
x / x11	r6.8.2	r6.8.2.x
x / x11	r6.5.1	r6.5.1.x
x / x11	r6.3	r6.3.x
x / x11	r6.7.0	r6.7.0.x
x / x11	r6	r6.x
matthias_hopf / xrdb	1.0.6	1.0.6.x

Vulnerability Database

289,697

CVE-2011-0465