CVE-2011-0465: xorg: xrdb code execution via crafted X client hostname

Severity: Critical

CVSS Score: 9.3

xrdb.c in xrdb before 1.0.9 in X.Org X11R7.6 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in a hostname obtained from a (1) DHCP or (2) XDMCP message.