Staging Environment: Content and features may be unstable or change without notice.
Search for vulnerabilities
Vulnerability details: VCID-g15b-mt4a-kbhc
Vulnerability ID VCID-g15b-mt4a-kbhc
Aliases CVE-2008-1377
Summary Multiple vulnerabilities have been discovered in the X.Org X server, possibly allowing for the remote execution of arbitrary code with root privileges.
Status Published
Exploitability 0.5
Weighted Severity 8.1
Risk 4.0
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-189 Numeric Errors
System Score Found at
epss 0.02373 https://api.first.org/data/v1/epss?cve=CVE-2008-1377
epss 0.02373 https://api.first.org/data/v1/epss?cve=CVE-2008-1377
epss 0.02373 https://api.first.org/data/v1/epss?cve=CVE-2008-1377
epss 0.02373 https://api.first.org/data/v1/epss?cve=CVE-2008-1377
epss 0.02373 https://api.first.org/data/v1/epss?cve=CVE-2008-1377
epss 0.02373 https://api.first.org/data/v1/epss?cve=CVE-2008-1377
epss 0.02373 https://api.first.org/data/v1/epss?cve=CVE-2008-1377
epss 0.02373 https://api.first.org/data/v1/epss?cve=CVE-2008-1377
epss 0.02373 https://api.first.org/data/v1/epss?cve=CVE-2008-1377
epss 0.02373 https://api.first.org/data/v1/epss?cve=CVE-2008-1377
cvssv2 9.0 https://nvd.nist.gov/vuln/detail/CVE-2008-1377
Reference id Reference type URL
ftp://ftp.freedesktop.org/pub/xorg/X11R7.3/patches/xorg-xserver-1.4-cve-2008-1377.diff
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01543321
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=721
http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html
http://lists.freedesktop.org/archives/xorg/2008-June/036026.html
http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00002.html
http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00005.html
http://rhn.redhat.com/errata/RHSA-2008-0502.html
http://rhn.redhat.com/errata/RHSA-2008-0504.html
http://rhn.redhat.com/errata/RHSA-2008-0512.html
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-1377.json
https://api.first.org/data/v1/epss?cve=CVE-2008-1377
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1377
http://secunia.com/advisories/30627
http://secunia.com/advisories/30628
http://secunia.com/advisories/30629
http://secunia.com/advisories/30630
http://secunia.com/advisories/30637
http://secunia.com/advisories/30659
http://secunia.com/advisories/30664
http://secunia.com/advisories/30666
http://secunia.com/advisories/30671
http://secunia.com/advisories/30715
http://secunia.com/advisories/30772
http://secunia.com/advisories/30809
http://secunia.com/advisories/30843
http://secunia.com/advisories/31025
http://secunia.com/advisories/31109
http://secunia.com/advisories/32099
http://secunia.com/advisories/32545
http://secunia.com/advisories/33937
http://security.gentoo.org/glsa/glsa-200806-07.xml
http://securitytracker.com/id?1020247
https://issues.rpath.com/browse/RPL-2607
https://issues.rpath.com/browse/RPL-2619
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10109
http://sunsolve.sun.com/search/document.do?assetkey=1-26-238686-1
http://support.apple.com/kb/HT3438
http://support.avaya.com/elmodocs2/security/ASA-2008-249.htm
http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0201
http://www.debian.org/security/2008/dsa-1595
http://www.gentoo.org/security/en/glsa/glsa-200807-07.xml
http://www.mandriva.com/security/advisories?name=MDVSA-2008:115
http://www.mandriva.com/security/advisories?name=MDVSA-2008:116
http://www.redhat.com/support/errata/RHSA-2008-0503.html
http://www.securityfocus.com/archive/1/493548/100/0/threaded
http://www.securityfocus.com/archive/1/493550/100/0/threaded
http://www.ubuntu.com/usn/usn-616-1
http://www.vupen.com/english/advisories/2008/1803
http://www.vupen.com/english/advisories/2008/1833
http://www.vupen.com/english/advisories/2008/1983/references
http://www.vupen.com/english/advisories/2008/3000
445403 https://bugzilla.redhat.com/show_bug.cgi?id=445403
cpe:2.3:a:x:x11:r7.3:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:x:x11:r7.3:*:*:*:*:*:*:*
CVE-2008-1377 https://nvd.nist.gov/vuln/detail/CVE-2008-1377
GLSA-200806-07 https://security.gentoo.org/glsa/200806-07
RHSA-2008:0502 https://access.redhat.com/errata/RHSA-2008:0502
RHSA-2008:0503 https://access.redhat.com/errata/RHSA-2008:0503
RHSA-2008:0504 https://access.redhat.com/errata/RHSA-2008:0504
RHSA-2008:0512 https://access.redhat.com/errata/RHSA-2008:0512
USN-616-1 https://usn.ubuntu.com/616-1/
No exploits are available.
Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C Found at https://nvd.nist.gov/vuln/detail/CVE-2008-1377
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Exploit Prediction Scoring System (EPSS)
Percentile 0.84886
EPSS Score 0.02373
Published At April 1, 2026, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2026-04-01T13:02:48.967094+00:00 Gentoo Importer Import https://security.gentoo.org/glsa/200806-07 38.0.0