Stack-based buffer overflow in the Panel (xfce4-panel) component in Xfce before 4.4.2 might allow remote attackers to execute arbitrary code via Launcher tooltips. NOTE: a second buffer overflow (over-read) in the xfce_mkdirhier function was also reported, but it might not be exploitable for a crash or code execution, so it is not a vulnerability.
AV:N/AC:L/Au:N/C:N/I:P/A:NXfce
APPXfceβ€ 4.4.1
Related vulnerabilities
Xfce4-session 4.5.91 in Xfce does not lock the screen when the suspend or hibernate button is pressed, which m...
Double free vulnerability in the Widget Library (libxfcegui4) in Xfce before 4.4.2 might allow remote attacker...
Xfce Thunar 1.6.15, when Xfce 4.12 is used, mishandles the IBus-Unikey input method for file searches within F...
In Xfce xfce4-settings before 4.16.4 and 4.17.x before 4.17.1, there is an argument injection vulnerability in...
An issue was discovered in Thunar before 4.16.7 and 4.17.x before 4.17.2. When called with a regular file as a...