NewStart CGSL CORE 5.04 / MAIN 5.04 : libvncserver Multiple Vulnerabilities (NS-SA-2020-0038)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has libvncserver packages installed that are affected by multiple vulnerabilities: - libvncclient/cursor.c in LibVNCServer through 0.9.12 has a HandleCursorShape integer overflow and heap- based buffer overflow via a large heig...

Huawei EulerOS: Security Advisory for libvncserver (EulerOS-SA-2020-1925)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP5 : libvncserver (EulerOS-SA-2020-1925)

According to the version of the libvncserver package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - libvncclient/cursor.c in LibVNCServer through 0.9.12 has a HandleCursorShape integer overflow and heap-based buffer overflow via a large heigh...

libvncserver: websocket decoding buffer overflow

A flaw was found in libvncserver. A heap-based buffer overflow within the websocket decoding functionality is possible, which can lead to exploitation by a malicious attacker to overwrite a function pointer. The highest threat from this vulnerability is to data confidentiality and integrity as we...

Important: Red Hat Security Advisory: libvncserver security update

An update for libvncserver is now available for Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, i...

RHEL 8 : libvncserver (RHSA-2020:3588)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2020:3588 advisory. LibVNCServer is a C library that enables you to implement VNC server functionality into own programs. Security Fixes: libvncserver: websocket decodin...

Huawei EulerOS: Security Advisory for libvncserver (EulerOS-SA-2020-1866)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian DLA-2347-1 : libvncserver security update

Several minor vulnerabilities have been discovered in libvncserver, a server and client implementation of the VNC protocol. CVE-2019-20839 libvncclient/sockets.c in LibVNCServer had a buffer overflow via a long socket filename. CVE-2020-14397 libvncserver/rfbregion.c has a NULL pointer dereferenc...

Debian: Security Advisory (DLA-2347-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DLA 2347-1] libvncserver security update

Debian LTS Advisory DLA-2347-1 [email protected] https://www.debian.org/lts/security/ Mike Gabriel August 28, 2020 https://wiki.debian.org/LTS Package : libvncserver Version : 0.9.11+dfsg-1.3deb9u5 CVE ID : CVE-2019-20839 CVE-2020-14397 CVE-2020-14399 CVE-2020-14400 CVE-2020-14401...

EulerOS 2.0 SP8 : libvncserver (EulerOS-SA-2020-1866)

According to the versions of the libvncserver package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - LibVNC commit before d01e1bb4246323ba6fcee3b82ef1faa9b1dac82a contains a memory leak CWE-655 in VNC server code, which allow an attacker to...

DLA-2347-1 libvncserver - security update

Bulletin has no description...

PT-2020-6265 · Unknown +9 · Libvncserver +9

Name of the Vulnerable Software and Affected Versions: LibVNCServer version 0.9.12 Description: The issue is related to a divide by zero problem in LibVNCServer, which can be exploited by a remote attacker to cause a denial of service. A malicious client can send a specially crafted message to th...

The vulnerability of the implementation of the ConnectToRFBRepeater function in the cross-platform library LibVNCServer allows a hacker to cause a service failure.

The vulnerability of the ConnectToRFBRepeater function implementation in the cross-platform library LibVNCServer is related to the lack of protection for service data. Exploiting this vulnerability could allow a malicious actor to cause service failures remotely...

Product update: Virtuozzo Hybrid Server 7.0 Update 14 Hotfix 2 (7.0.14-258)

The Hotfix 2 for Virtuozzo Hybrid Server 7.0 Update 14 provides security, stability, and usability bug fixes. Vulnerability id: PSBM-106197, CVE-2019-20839, CVE-2019-20840, CVE-2020-14396, CVE-2020-14397, CVE-2020-14398, CVE-2020-14399, CVE-2020-14400, CVE-2020-14401, CVE-2020-14402,...

The vulnerability in the cross-platform library LibVNCServer’s component libvncclient/sockets.c allows a attacker to cause a service failure or execute arbitrary code.

The vulnerability in the libvncclient/sockets.c component of the cross-platform library LibVNCServer relates to the execution of operations beyond the buffer boundaries. Exploiting this vulnerability could allow a malicious actor to cause service failures or execute arbitrary code using a special...

The vulnerability of the websockets.c component of the cross-platform library LibVNCServer allows a attacker to cause a service failure.

The vulnerability of the websockets.c component in the cross-platform library LibVNCServer is related to the execution of operations outside the buffer boundaries. Exploiting this vulnerability could allow a malicious actor to cause service failures...

libvncserver: websocket decoding buffer overflow

A flaw was found in libvncserver. A heap-based buffer overflow within the websocket decoding functionality is possible, which can lead to exploitation by a malicious attacker to overwrite a function pointer. The highest threat from this vulnerability is to data confidentiality and integrity as we...

Important: Red Hat Security Advisory: libvncserver security update

An update for libvncserver is now available for Red Hat Enterprise Linux 8.1 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is availabl...

RHEL 8 : libvncserver (RHSA-2020:3456)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:3456 advisory. LibVNCServer is a C library that enables you to implement VNC server functionality into own programs. Security Fixes: libvncserver: websocket decodin...