4 matches found
OESA-2026-2490 libvncserver security update
libvncserver is a set of programs using the RFB Remote Frame Buffer protocol. They are designed to "export" a frame buffer via net: you set up a server and can connect to it via VNC viewers. If the server supports WebSockets which LibVNCServer does, you can also connect using an in-browser VNC...
CVE-2021-41380
RealVNC Viewer 6.21.406 allows remote VNC servers to cause a denial of service application crash via crafted RFB protocol data. NOTE: It is asserted that this issue requires social engineering a user into connecting to a fake VNC Server. The VNC Viewer application they are using will then hang,...
libvncserver: uninitialized memory contents are vulnerable to Information Leak
An issue was discovered in LibVNCServer before 0.9.13. There is an information leak of uninitialized memory contents in the libvncclient/rfbproto.c ConnectToRFBRepeater function...
libvncserver: Improper input sanitization in rfbProcessClientNormalMessage in rfbserver.c
An issue was discovered in LibVNCServer through 0.9.11. rfbProcessClientNormalMessage in rfbserver.c does not sanitize msg.cct.length, leading to access to uninitialized and potentially sensitive data or possibly unspecified other impact e.g., an integer overflow via specially crafted VNC packets...