Staging Environment: Content and features may be unstable or change without notice.
Search for vulnerabilities
Vulnerability details: VCID-q8sq-vkr5-2ba5
Vulnerability ID VCID-q8sq-vkr5-2ba5
Aliases CVE-2008-2362
Summary Multiple vulnerabilities have been discovered in the X.Org X server, possibly allowing for the remote execution of arbitrary code with root privileges.
Status Published
Exploitability 0.5
Weighted Severity 9.0
Risk 4.5
Affected and Fixed Packages Package Details
Weaknesses (2)
CWE-20 Improper Input Validation
CWE-189 Numeric Errors
System Score Found at
epss 0.02076 https://api.first.org/data/v1/epss?cve=CVE-2008-2362
epss 0.02076 https://api.first.org/data/v1/epss?cve=CVE-2008-2362
epss 0.02076 https://api.first.org/data/v1/epss?cve=CVE-2008-2362
epss 0.02076 https://api.first.org/data/v1/epss?cve=CVE-2008-2362
epss 0.02076 https://api.first.org/data/v1/epss?cve=CVE-2008-2362
epss 0.02076 https://api.first.org/data/v1/epss?cve=CVE-2008-2362
epss 0.02076 https://api.first.org/data/v1/epss?cve=CVE-2008-2362
epss 0.02076 https://api.first.org/data/v1/epss?cve=CVE-2008-2362
epss 0.02076 https://api.first.org/data/v1/epss?cve=CVE-2008-2362
cvssv2 10.0 https://nvd.nist.gov/vuln/detail/CVE-2008-2362
Reference id Reference type URL
ftp://ftp.freedesktop.org/pub/xorg/X11R7.3/patches/xorg-xserver-1.4-cve-2008-2362.diff
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=720
http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html
http://lists.freedesktop.org/archives/xorg/2008-June/036026.html
http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00002.html
http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00005.html
http://rhn.redhat.com/errata/RHSA-2008-0504.html
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2362.json
https://api.first.org/data/v1/epss?cve=CVE-2008-2362
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2362
http://secunia.com/advisories/30627
http://secunia.com/advisories/30630
http://secunia.com/advisories/30637
http://secunia.com/advisories/30659
http://secunia.com/advisories/30664
http://secunia.com/advisories/30666
http://secunia.com/advisories/30671
http://secunia.com/advisories/30715
http://secunia.com/advisories/30772
http://secunia.com/advisories/30809
http://secunia.com/advisories/30843
http://secunia.com/advisories/31025
http://secunia.com/advisories/31109
http://secunia.com/advisories/32099
http://secunia.com/advisories/33937
http://security.gentoo.org/glsa/glsa-200806-07.xml
http://securitytracker.com/id?1020245
https://issues.rpath.com/browse/RPL-2607
https://issues.rpath.com/browse/RPL-2619
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11246
http://sunsolve.sun.com/search/document.do?assetkey=1-26-238686-1
http://support.apple.com/kb/HT3438
http://support.avaya.com/elmodocs2/security/ASA-2008-249.htm
http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0201
http://www.debian.org/security/2008/dsa-1595
http://www.gentoo.org/security/en/glsa/glsa-200807-07.xml
http://www.mandriva.com/security/advisories?name=MDVSA-2008:116
http://www.mandriva.com/security/advisories?name=MDVSA-2008:179
http://www.securityfocus.com/archive/1/493548/100/0/threaded
http://www.securityfocus.com/archive/1/493550/100/0/threaded
http://www.securityfocus.com/bid/29670
http://www.ubuntu.com/usn/usn-616-1
http://www.vupen.com/english/advisories/2008/1803
http://www.vupen.com/english/advisories/2008/1833
http://www.vupen.com/english/advisories/2008/1983/references
448785 https://bugzilla.redhat.com/show_bug.cgi?id=448785
cpe:2.3:a:x:x11:r7.3:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:x:x11:r7.3:*:*:*:*:*:*:*
CVE-2008-2362 https://nvd.nist.gov/vuln/detail/CVE-2008-2362
GLSA-200806-07 https://security.gentoo.org/glsa/200806-07
RHSA-2008:0504 https://access.redhat.com/errata/RHSA-2008:0504
USN-616-1 https://usn.ubuntu.com/616-1/
No exploits are available.
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C Found at https://nvd.nist.gov/vuln/detail/CVE-2008-2362
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Exploit Prediction Scoring System (EPSS)
Percentile 0.83901
EPSS Score 0.02076
Published At April 1, 2026, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2026-04-01T13:02:49.015886+00:00 Gentoo Importer Import https://security.gentoo.org/glsa/200806-07 38.0.0