22 matches found
SUSE: Security Advisory (SUSE-SU-2015:2088-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...
USN-4587-1: iTALC vulnerabilities
Nicolas Ruff discovered that iTALC had buffer overflows, divide-by-zero errors and didn't check malloc return values. A remote attacker could use these issues to cause a denial of service or possibly execute arbitrary code. CVE-2014-6051, CVE-2014-6052, CVE-2014-6053, CVE-2014-6054, CVE-2014-6055...
Arbitrary Code Execution
LibVNCServer is a library that allows for easy creation of VNC server or client functionality. An integer overflow flaw, leading to a heap-based buffer overflow, was found in the way screen sizes were handled by LibVNCServer. A malicious VNC server could use this flaw to cause a client to crash o...
Null pointer dereference
XRegion in TigerVNC allows remote VNC servers to cause a denial of service (NULL pointer dereference) by leveraging failure to check a malloc return value, a similar issue to CVE-2014-6052...
Oracle: Security Advisory (ELSA-2014-1826)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...
Gentoo Security Advisory GLSA 201507-07
Gentoo Linux Local Security Checks GLSA 201507-07. SPDX-FileCopyrightText: 2015 Eero Volotinen. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-or-later if(description)...
GLSA-201507-07 : LibVNCServer: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-201507-07 LibVNCServer: Multiple vulnerabilities Multiple vulnerabilities have been discovered in LibVNCServer. Please review the CVE identifiers referenced below for details. Impact : A remote attacker may be able to execute...
CVE-2014-6052
The HandleRFBServerMessage function in libvncclient/rfbproto.c in LibVNCServer 0.9.9 and earlier does not check certain malloc return values, which allows remote VNC servers to cause a denial of service (application crash) or possibly execute arbitrary code by specifying a large screen size in a 1...
CVE-2014-6052
CVE-2014-6052 affects LibVNCServer (0.9.9 and earlier) where LibVNCClient’s HandleRFBServerMessage in libvncclient/rfbproto.c fails to validate certain malloc return values. This can allow a remote VNC server to trigger a denial of service (application crash) or potentially execute arbitrary code...
Scientific Linux Security Update : libvncserver on SL6.x, SL7.x i386/x86_64 (20141111)
An integer overflow flaw, leading to a heap-based buffer overflow, was found in the way screen sizes were handled by LibVNCServer. A malicious VNC server could use this flaw to cause a client to crash or, potentially, execute arbitrary code in the client. (CVE-2014-6051) A NULL pointer dereference...
CentOS Update for libvncserver CESA-2014:1826 centos6
Check the version of libvncserver. SPDX-FileCopyrightText: 2014 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description) script_oid("1.3.6.1.4.1.25623.1.0.882078");...
Oracle Linux 6 / 7 : libvncserver (ELSA-2014-1826)
The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2014-1826 advisory. - Fix CVE-2014-6051 integer overflow in screen size handling bug 1157668 - Fix CVE-2014-6052 NULL pointer dereference in framebuffer setup bug...
libvncserver security update
CentOS Errata and Security Advisory CESA-2014:1826. Updated libvncserver packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) ba...
Moderate: Red Hat Security Advisory: libvncserver security update
Updated libvncserver packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, ar...
libvncserver security update
0.9.7-7.1 - Fix CVE-2014-6051 integer overflow in screen size handling bug 1157668 - Fix CVE-2014-6052 NULL pointer dereference in framebuffer setup bug 1157668 - Fix CVE-2014-6053 NULL pointer dereference in ClientCutText message handling bug 1157668 - Fix CVE-2014-6054 server divide-by-zero in...
Fedora 19 : libvncserver-0.9.10-0.6.20140718git9453be42.fc19 (2014-11541)
Various security fixes, including CVE-2014-6051, CVE-2014-6052, CVE-2014-6053, CVE-2014-6054, CVE-2014-6055 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as mu...
Fedora Update for libvncserver FEDORA-2014-11541
Check the version of libvncserver. SPDX-FileCopyrightText: 2014 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description) script_oid("1.3.6.1.4.1.25623.1.0.868357");...
Fedora 21 : libvncserver-0.9.10-0.6.20140718git9453be42.fc21 (2014-11685)
Various security fixes, including CVE-2014-6051, CVE-2014-6052, CVE-2014-6053, CVE-2014-6054, CVE-2014-6055 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as mu...
Fedora Update for libvncserver FEDORA-2014-11537
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...
USN-2365-1: LibVNCServer vulnerabilities
Nicolas Ruff discovered that LibVNCServer incorrectly handled memory when being advertised large screen sizes by the server. If a user were tricked into connecting to a malicious server, an attacker could use this issue to cause a denial of service, or possibly execute arbitrary code...