CVE-2014-6053

2014-12-15T13:59:05
ID CVE-2014-6053
Type cve
Reporter NVD
Modified 2016-12-21T21:59:17

Description

The rfbProcessClientNormalMessage function in libvncserver/rfbserver.c in LibVNCServer 0.9.9 and earlier does not properly handle attempts to send a large amount of ClientCutText data, which allows remote attackers to cause a denial of service (memory consumption or daemon crash) via a crafted message that is processed by using a single unchecked malloc.