Vulnerabilities in the OpenSUSE operating system that allow malicious actors to compromise the confidentiality, integrity, and accessibility of protected information

The multiple vulnerabilities in the vnc operating system package of OpenSUSE can lead to breaches of the confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited remotely...

openstack-nova: console Cross-Site WebSocket hijacking

It was discovered that the OpenStack Compute nova console websocket did not correctly verify the origin header. An attacker could use this flaw to conduct a cross-site websocket hijack attack. Note that only Compute setups with VNC or SPICE enabled were affected by this flaw...

openstack-nova: console Cross-Site WebSocket hijacking

It was discovered that the OpenStack Compute nova console websocket did not correctly verify the origin header. An attacker could use this flaw to conduct a cross-site websocket hijack attack. Note that only Compute setups with VNC or SPICE enabled were affected by this flaw...

openstack-nova: console Cross-Site WebSocket hijacking

It was discovered that the OpenStack Compute nova console websocket did not correctly verify the origin header. An attacker could use this flaw to conduct a cross-site websocket hijack attack. Note that only Compute setups with VNC or SPICE enabled were affected by this flaw...

qemu: vnc: insufficient bits_per_pixel from the client sanitization

An uninitialized data structure use flaw was found in the way the setpixelformat function sanitized the value of bitsperpixel. An attacker able to access a guest's VNC console could use this flaw to crash the guest...

libvncserver: server stacked-based buffer overflow flaws in file transfer handling

Two stack-based buffer overflow flaws were found in the way LibVNCServer handled file transfers. A remote attacker could use this flaw to crash the VNC server using a malicious VNC client...

libvncserver: NULL pointer dereference flaw in framebuffer setup

A NULL pointer dereference flaw was found in LibVNCServer's framebuffer setup. A malicious VNC server could use this flaw to cause a VNC client to crash...

openstack-nova: Nova VMware driver may connect VNC to another tenant's console

A race condition flaw was found in the way the nova VMware driver handled VNC port allocation. An authenticated user could use this flaw to gain unauthorized console access to instances belonging to other tenants by repeatedly spawning new instances. Note that only nova setups using the VMware...

DEBIAN-CVE-2009-3616

Multiple use-after-free vulnerabilities in vnc.c in the VNC server in QEMU 0.10.6 and earlier might allow guest OS users to execute arbitrary code on the host OS by establishing a connection from a VNC client and then 1 disconnecting during data transfer, 2 sending a message using incorrect integ...

DEBIAN-CVE-2008-4539

Heap-based buffer overflow in the Cirrus VGA implementation in 1 KVM before kvm-82 and 2 QEMU on Debian GNU/Linux and Ubuntu might allow local users to gain privileges by using the VNC console for a connection, aka the LGD-54XX "bitblt" heap overflow. NOTE: this issue exists because of an incorre...

DEBIAN-CVE-2008-5714

Off-by-one error in monitor.c in Qemu 0.9.1 might make it easier for remote attackers to guess the VNC password, which is limited to seven characters where eight was intended...

DEBIAN-CVE-2008-5660

Format string vulnerability in the vinagreutilsshowerror function src/vinagre-utils.c in Vinagre 0.5.x before 0.5.2 and 2.x before 2.24.2 might allow remote attackers to execute arbitrary code via format string specifiers in a crafted URI or VNC server response...

ATT VNC Windows Server Buffer Overflow

Advisory ID Internal CORE-21011502 Bugtraq ID: 2306 CVE Name: CAN-2001-0168 Title: ATT VNC Windows Server Buffer Overflow Class: Boundary Error Condition Buffer Overflow Remotely Exploitable: yes Locally Exploitable: yes Release Mode: USER RELEASE Vulnerability Description: As stated in the VNC...

ATT VNC Windows Client Buffer Overflow

Advisory ID Internal CORE-21011503 Bugtraq ID: 2305 CVE Name: CAN-2001-0167 Title: ATT VNC Windows Client Buffer Overflow Class: Boundary Error Condition Buffer Overflow Remotely Exploitable: yes Locally Exploitable: yes Release Mode: USER RELEASE Vulnerability Description: As stated in the VNC...

Weak authentication in ATT VNC

Advisory ID Internal CORE-21011501 Advisory ID: CORE-2001011501 Bugtraq ID: 2275 CVE Name: None currently assigned. Title: Weak authentication in ATT VNC Class: Design error Remotely Exploitable: yes Locally Exploitable: no Release Mode: USER RELEASE Vulnerability Description: As stated in the VN...