X.Org and XFree86, including libX11, xdm, xf86dga, xinit, xload, xtrans, and xterm, does not check the return values for setuid and seteuid calls when attempting to drop privileges, which might allow local users to gain privileges by causing those calls to fail, such as by exceeding a ulimit.
Conclusion & alert: CVE-2006-4447 is rated Moderate Risk (41.1/100): CVSS High severity, with low exploitation likelihood (EPSS 0.43%). Mandatory action: Review affected assets and schedule remediation.
Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.
EPSS lead: Daily EPSS estimates relative likelihood of exploitation; percentile ranks this CVE among scored vulnerabilities (higher = more severe relative rank).
| # | Date | Old EPSS score | New EPSS score | Delta (New - Old) |
|---|---|---|---|---|
| 1 | 2026-06-15 | 0.13% | 0.43% | +0.30% |
| 2 | 2026-05-28 | 0.18% | 0.13% | -0.04% |
| 3 | 2025-08-07 | — | 0.18% | — |
Full EPSS history (8 records total)
CVSS metrics for this CVE.
| Base score | Version | Severity | Vector | Exploitability | Impact | Score source |
|---|---|---|---|---|---|---|
| 7.2 | 2.0 | HIGH |
|
3.9 | 10.0 | [email protected] |
| vendor | priority | summary | link |
|---|---|---|---|
debian
|
low | CVE-2006-4447 low priority: Debian including 5 source packages (libx11, xdm, xorg-server, xterm, xtrans), 25 status rows across 5 suites (bookworm, bullseye, forky, sid, trixie): resolved 20, open 5. | https://security-tracker.debian.org/tracker/CVE-2006-4447 |
gentoo
|
low | CVE-2006-4447: 2 GLSA(s) (200608-25, 200704-22), 11 atom(s) (app-emulation/emul-linux-x86-xlibs, media-sound/beast, …); latest impact low. | https://bugs.gentoo.org/buglist.cgi?quicksearch=CVE-2006-4447 |
redhat
|
— | — | https://access.redhat.com/security/cve/CVE-2006-4447 |
ubuntu
|
medium | CVE-2006-4447 medium priority: Ubuntu including 2 source packages (beast, xorg-server), 18 status rows across 9 suites (dapper, edgy, feisty, gutsy, hardy, intrepid, jaunty, karmic, upstream): released 9, not-affected 5, ignored 2, needs-triage 2. | https://ubuntu.com/security/CVE-2006-4447 |
Not Vulnerable. This issue does not exist in Red Hat Enterprise Linux 2.1 or 3. This issue not exploitable in Red Hat Enterprise Linux 4. A detailed analysis of this issue can be found in the Red Hat Bug Tracking System: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=195555
| Vendor | Product | Version | Raw CPE |
|---|---|---|---|
| x.org | emu-linux-x87-xlibs | 7.0_r1 | cpe:2.3:a:x.org:emu-linux-x87-xlibs:7.0_r1:*:*:*:*:*:*:* |
| x.org | x11r6 | 6.7.0 | cpe:2.3:a:x.org:x11r6:6.7.0:*:*:*:*:*:*:* |
| x.org | x11r6 | 6.8 | cpe:2.3:a:x.org:x11r6:6.8:*:*:*:*:*:*:* |
| x.org | x11r6 | 6.8.1 | cpe:2.3:a:x.org:x11r6:6.8.1:*:*:*:*:*:*:* |
| x.org | x11r6 | 6.8.2 | cpe:2.3:a:x.org:x11r6:6.8.2:*:*:*:*:*:*:* |
| x.org | x11r7 | 1.0 | cpe:2.3:a:x.org:x11r7:1.0:*:*:*:*:*:*:* |
| x.org | x11r7 | 1.0.1 | cpe:2.3:a:x.org:x11r7:1.0.1:*:*:*:*:*:*:* |
| x.org | x11r7 | 1.0.2 | cpe:2.3:a:x.org:x11r7:1.0.2:*:*:*:*:*:*:* |
| x.org | xdm | 1.0.3 | cpe:2.3:a:x.org:xdm:1.0.3:*:*:*:*:*:*:* |
| x.org | xf86dga | 1.0.0 | cpe:2.3:a:x.org:xf86dga:1.0.0:*:*:*:*:*:*:* |
| x.org | xinit | 1.0.2_r5 | cpe:2.3:a:x.org:xinit:1.0.2_r5:*:*:*:*:*:*:* |
| x.org | xload | 1.0.0 | cpe:2.3:a:x.org:xload:1.0.0:*:*:*:*:*:*:* |
| x.org | xorg-server | 1.02_r5 | cpe:2.3:a:x.org:xorg-server:1.02_r5:*:*:*:*:*:*:* |
| x.org | xterm | 214 | cpe:2.3:a:x.org:xterm:214:*:*:*:*:*:*:* |