Lucene search

K
cvelistMitreCVELIST:CVE-2018-7225
HistoryFeb 19, 2018 - 3:00 p.m.

CVE-2018-7225

2018-02-1915:00:00
mitre
www.cve.org
9
libvncserver
access to data
vnc packets

AI Score

8.9

Confidence

High

EPSS

0.013

Percentile

85.7%

An issue was discovered in LibVNCServer through 0.9.11. rfbProcessClientNormalMessage() in rfbserver.c does not sanitize msg.cct.length, leading to access to uninitialized and potentially sensitive data or possibly unspecified other impact (e.g., an integer overflow) via specially crafted VNC packets.