漏洞描述
libxcb是X.Org软件基金会运作的一个提供X Window系统协议的接口。 X.org libxcb 1.9及更早版本中存在整数溢出漏洞。具有X servers权限的攻击者可通过与read_packet函数有关的向量,利用该漏洞触发内存不足的分配和缓冲区溢出。
X.Org libxcb ‘read_packet()’函数远程代码执行漏洞
PoC代码
暂无相关漏洞推荐
- POC CVE-2025-46349: YesWiki Reflected XSS via File Upload
- POC exist-db-dashboard-access: eXist-DB Dashboard Access
- 东胜物流软件 /Areas/Mobile/Views/YunJia/YJCX.aspx SQL 注入漏洞
- 万户OA /defaultroot/evo/weixin/WeiXin!callback.action XML 外部实体注入漏洞
- Apache Struts XWork组件 XML外部实体注入漏洞(CVE-2025-68493)
- 时空智友ERP /formservice/wf XML 外部实体注入漏洞
- POC CVE-2012-10018: WordPress Mapplic <= 6.1 / Mapplic Lite <= 1.0 - Authenticated Stored XSS via SVG File Upload
- POC CVE-2011-3600: Apache OFBiz - XML External Entity Injection
- POC CVE-2015-8350: WordPress Calls to Action <=2.4.3 - Authenticated Reflected XSS
- POC CVE-2017-11107: phpLDAPadmin <= 1.2.3 - Reflected XSS
- POC CVE-2017-17762: Episerver 7 - Blind XML External Entity Injection
- POC CVE-2018-6961: VMware NSX SD-WAN Edge - Command Injection
- POC CVE-2021-33829: Drupal 7 CKEditor XSS