Lucene search
Gentoo FoundationMGASA-2014-0466HistoryNov 21, 2014 - 3:44 p.m.
Updated kdenetwork4 packages fix security vulnerabilities in krfb
2014-11-2115:44:16
Gentoo Foundation
advisories.mageia.org
9
0.886 High
EPSS
Percentile
98.7%
A malicious VNC client can trigger multiple DoS conditions on the VNC server by advertising a large screen size, ClientCutText message length and/or a zero scaling factor parameter (CVE-2014-6053, CVE-2014-6054). A malicious VNC client can trigger multiple stack-based buffer overflows by passing a long file and directory names and/or attributes (FileTime) when using the file transfer message feature (CVE-2014-6055). The krfb package is built with a bundled copy of libvncserver.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Mageia | 3 | noarch | kdenetwork4 | < 4.10.5-1.3 | kdenetwork4-4.10.5-1.3.mga3 |
Related
oraclelinux
oraclelinux
kdenetwork security update
2014-11-11 00:00:00
libvncserver security update
2014-11-11 00:00:00
openvas
openvas
Mageia: Security Advisory (MGASA-2014-0466)
2022-01-28 00:00:00
Oracle: Security Advisory (ELSA-2014-1827)
2015-10-06 00:00:00
RedHat Update for kdenetwork RHSA-2014:1827-01
2014-11-12 00:00:00
nessus
nessus
Scientific Linux Security Update : kdenetwork on SL7.x x86_64 (20141111)
2014-11-13 00:00:00
RHEL 7 : kdenetwork (RHSA-2014:1827)
2014-11-12 00:00:00
Oracle Linux 7 : kdenetwork (ELSA-2014-1827)
2014-11-12 00:00:00
redhat
redhat
(RHSA-2014:1827) Moderate: kdenetwork security update
2014-11-11 14:45:20
(RHSA-2014:1826) Moderate: libvncserver security update
2014-11-11 00:00:00
(RHSA-2015:0113) Moderate: libvncserver security update
2015-02-02 00:00:00
centos
centos
kdenetwork security update
2014-11-12 09:44:41
libvncserver security update
2014-11-11 18:36:28
freebsd
freebsd
libvncserver -- multiple security vulnerabilities
2014-09-23 00:00:00
krfb -- Multiple security issues in bundled libvncserver
2014-09-23 00:00:00
debian
debian
[SECURITY] [DLA 197-1] libvncserver security update
2015-04-14 16:06:09
[SECURITY] [DSA 3081-1] libvncserver security update
2014-11-29 15:58:55
[SECURITY] [DLA 2014-1] vino security update
2019-11-29 08:31:28
securityvulns
securityvulns
libvncserver multiple security vulnerabilities
2014-09-29 00:00:00
[oCERT-2014-007] libvncserver multiple issues
2014-09-29 00:00:00
osv
osv
libvncserver - security update
2014-11-29 00:00:00
libvncserver - security update
2015-04-14 00:00:00
vino - security update
2019-11-29 00:00:00
veracode
veracode
Denial Of Service (DoS) Through Divide By Zero
2019-05-02 05:04:38
Arbitrary Code Execution
2019-05-02 05:04:38
Arbitrary Code Execution
2019-05-02 05:04:38
mageia
mageia
Updated libvncserver & remmina packages fix security vulnerabilities
2014-10-07 13:22:51
Updated KDE 4 and related packages move to KDE 4.12.5
2014-10-29 14:30:40
Updated vino packages fix security vulnerability
2020-06-11 00:39:20
archlinux
archlinux
libvncserver: remote code execution, denial of service
2014-10-24 00:00:00
ubuntu
ubuntu
LibVNCServer vulnerabilities
2014-09-29 00:00:00
iTALC vulnerabilities
2020-10-20 00:00:00
Vino vulnerabilities
2020-10-07 00:00:00
gentoo
gentoo
LibVNCServer: Multiple vulnerabilities
2015-07-07 00:00:00
fedora
fedora
[SECURITY] Fedora 19 Update: krfb-4.11.5-4.fc19
2014-10-08 19:11:38
ubuntucve
ubuntucve
cve
cve
cvelist
cvelist
prion
prion
Denial of service
2014-10-06 14:55:00
Stack overflow
2014-09-30 16:55:00
Design/Logic Flaw
2014-12-15 18:59:00
debiancve
debiancve
checkpoint_advisories
checkpoint_advisories