Lucene search
FreeBSDCB3F036D-8C7F-11E6-924A-60A44CE6887BHistorySep 23, 2014 - 12:00 a.m.
libvncserver -- multiple security vulnerabilities
2014-09-2300:00:00
vuxml.freebsd.org
14
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.905 High
EPSS
Percentile
98.8%
Nicolas Ruff reports:
Integer overflow in MallocFrameBuffer() on client side.
Lack of malloc() return value checking on client side.
Server crash on a very large ClientCutText message.
Server crash when scaling factor is set to zero.
Multiple stack overflows in File Transfer feature.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| FreeBSD | any | noarch | libvncserver | < 0.9.10 | UNKNOWN |
References
Related
securityvulns
securityvulns
libvncserver multiple security vulnerabilities
2014-09-29 00:00:00
[oCERT-2014-007] libvncserver multiple issues
2014-09-29 00:00:00
redhat
redhat
(RHSA-2014:1826) Moderate: libvncserver security update
2014-11-11 00:00:00
(RHSA-2014:1827) Moderate: kdenetwork security update
2014-11-11 14:45:20
(RHSA-2015:0113) Moderate: libvncserver security update
2015-02-02 00:00:00
nessus
nessus
SUSE SLED12 / SLES12 Security Update : LibVNCServer (SUSE-SU-2015:2088-1)
2015-11-25 00:00:00
SUSE SLES12 Security Update : LibVNCServer (SUSE-SU-2015:2088-2)
2016-01-04 00:00:00
GLSA-201507-07 : LibVNCServer: Multiple vulnerabilities
2015-07-08 00:00:00
osv
osv
libvncserver - security update
2014-11-29 00:00:00
libvncserver - security update
2015-04-14 00:00:00
italc vulnerabilities
2020-10-20 16:35:20
veracode
veracode
Denial Of Service (DoS) Through Divide By Zero
2019-05-02 05:04:38
Arbitrary Code Execution
2019-05-02 05:04:38
Arbitrary Code Execution
2019-05-02 05:04:38
mageia
mageia
Updated libvncserver & remmina packages fix security vulnerabilities
2014-10-07 13:22:51
Updated kdenetwork4 packages fix security vulnerabilities in krfb
2014-11-21 15:44:16
Updated KDE 4 and related packages move to KDE 4.12.5
2014-10-29 14:30:40
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2015:2088-1)
2021-04-19 00:00:00
SUSE: Security Advisory (SUSE-SU-2015:2110-1)
2021-06-09 00:00:00
SUSE: Security Advisory (SUSE-SU-2015:2088-2)
2021-04-19 00:00:00
archlinux
archlinux
libvncserver: remote code execution, denial of service
2014-10-24 00:00:00
gentoo
gentoo
LibVNCServer: Multiple vulnerabilities
2015-07-07 00:00:00
TigerVNC: Integer overflow
2016-12-13 00:00:00
ubuntu
ubuntu
LibVNCServer vulnerabilities
2014-09-29 00:00:00
iTALC vulnerabilities
2020-10-20 00:00:00
Vino vulnerabilities
2020-10-07 00:00:00
debian
debian
[SECURITY] [DLA 197-1] libvncserver security update
2015-04-14 16:05:48
[SECURITY] [DSA 3081-1] libvncserver security update
2014-11-29 15:21:35
[SECURITY] [DLA 1979-1] italc security update
2019-10-30 22:21:35
centos
centos
libvncserver security update
2014-11-11 18:36:28
kdenetwork security update
2014-11-12 09:44:41
fedora
fedora
oraclelinux
oraclelinux
libvncserver security update
2014-11-11 00:00:00
kdenetwork security update
2014-11-11 00:00:00
ubuntucve
ubuntucve
debiancve
debiancve
prion
prion
Integer overflow
2014-09-30 16:55:00
Stack overflow
2014-09-30 16:55:00
Design/Logic Flaw
2014-12-15 18:59:00
cve
cve
freebsd
freebsd
krfb -- Multiple security issues in bundled libvncserver
2014-09-23 00:00:00
checkpoint_advisories
checkpoint_advisories
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.905 High
EPSS
Percentile
98.8%
Related for CB3F036D-8C7F-11E6-924A-60A44CE6887B