LibVNC through 0.9.12 contains a heap out-of-bounds write vulnerability in libvncserver/rfbserver.c. The fix for CVE-2018-15127 was incomplete.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 12 | all | libvncserver | < 0.9.11+dfsg-1.3 | libvncserver_0.9.11+dfsg-1.3_all.deb |
Debian | 11 | all | libvncserver | < 0.9.11+dfsg-1.3 | libvncserver_0.9.11+dfsg-1.3_all.deb |
Debian | 10 | all | libvncserver | < 0.9.11+dfsg-1.3 | libvncserver_0.9.11+dfsg-1.3_all.deb |
Debian | 999 | all | libvncserver | < 0.9.11+dfsg-1.3 | libvncserver_0.9.11+dfsg-1.3_all.deb |
Debian | 13 | all | libvncserver | < 0.9.11+dfsg-1.3 | libvncserver_0.9.11+dfsg-1.3_all.deb |