USN-3877-1: LibVNCServer vulnerabilities

It was discovered that LibVNCServer incorrectly handled certain operations. A remote attacker able to connect to applications using LibVNCServer could possibly use this issue to obtain sensitive information, cause a denial of service, or execute arbitrary code...

CVE-2018-20749

A flaw was found in libvncserver. An incomplete fix for CVE-2018-15127 leaves open an out-of-bounds write vulnerability in code for the file transfer extension. This vulnerability can be remotely exploited. The highest threat from this vulnerability is to data confidentiality and integrity as wel...

[SECURITY] [DLA 1652-1] libvncserver security update

Package : libvncserver Version : 0.9.9+dfsg2-6.1+deb8u5 CVE ID : CVE-2018-15126 CVE-2018-20748 CVE-2018-20749 CVE-2018-20750 A vulnerability was found by Kaspersky Lab in libvncserver, a C library to implement VNC server/client functionalities. In addition, some of the vulnerabilities addressed i...

LibVNC libvncserver/rfbserver.c file heap out-of-bounds write vulnerability (CNVD-2019-05102)

LibVNC is a cross-platform C library for implementing VNC server and client functionality. A heap out-of-bounds write vulnerability exists in the libvncserver/rfbserver.c file in LibVNC versions prior to 0.9.12. An attacker can exploit the vulnerability to execute arbitrary code in the context of...

DLA-1652-1 libvncserver - security update

Bulletin has no description...

CVE-2018-20750

LibVNC through 0.9.12 contains a heap out-of-bounds write vulnerability in libvncserver/rfbserver.c. The fix for CVE-2018-15127 was incomplete...

CVE-2018-20749

LibVNC before 0.9.12 contains a heap out-of-bounds write vulnerability in libvncserver/rfbserver.c. The fix for CVE-2018-15127 was incomplete...

DEBIAN-CVE-2018-20750

LibVNC through 0.9.12 contains a heap out-of-bounds write vulnerability in libvncserver/rfbserver.c. The fix for CVE-2018-15127 was incomplete...

Debian: Security Advisory (DLA-1652-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

UBUNTU-CVE-2018-20750

LibVNC through 0.9.12 contains a heap out-of-bounds write vulnerability in libvncserver/rfbserver.c. The fix for CVE-2018-15127 was incomplete...

openSUSE Security Update : LibVNCServer (openSUSE-2019-53)

This update for LibVNCServer fixes the following issues : Security issues fixed : - CVE-2018-15126: Fixed use-after-free in file transfer extension bsc1120114 - CVE-2018-6307: Fixed use-after-free in file transfer extension server code bsc1120115 - CVE-2018-20020: Fixed heap out-of-bound write...

openSUSE: Security Advisory for LibVNCServer (openSUSE-SU-2019:0053-1)

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CentOS 7 : libvncserver (CESA-2019:0059)

An update for libvncserver is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

CentOS Update for libvncserver CESA-2019:0059 centos7

The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security update for LibVNCServer (important)

openSUSE Security Update: Security update for LibVNCServer Announcement ID: openSUSE-SU-2019:0053-1 Rating: important References: 1120114 1120115 1120116 1120117 1120118 1120119 1120120 1120121 1120122 Cross-References: CVE-2018-15126 CVE-2018-15127 CVE-2018-20019 CVE-2018-20020 CVE-2018-20021...

libvncserver security update

CentOS Errata and Security Advisory CESA-2019:0059 An update for libvncserver is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

Oracle Linux 7 : libvncserver (ELSA-2019-0059)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2019-0059 advisory. 0.9.9-13 - Fix CVE-2018-15127 Heap out-of-bounds write in rfbserver.c:rfbProcessFileTransferReadBuffer bug 1662995 Tenable has extracted the preceding descripti...

Scientific Linux Security Update : libvncserver on SL7.x x86_64 (20190115)

Security Fixes : - libvncserver: Heap out-of-bounds write in rfbserver.c in rfbProcessFileTransferReadBuffer allows for potential code execution CVE-2018-15127 C Tenable Network Security, Inc. The descriptive text is C Scientific Linux. include'compat.inc'; if description scriptid121205;...

RHEL 7 : libvncserver (RHSA-2019:0059)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2019:0059 advisory. LibVNCServer is a C library that enables you to implement VNC server functionality into own programs. Security Fixes: libvncserver: Heap out-of-bound...

Updated libvncserver & x11vnc packages fix security vulnerabilities

A heap use-after-free vulnerability in the server code of the file transfer extension, which can result in remote code execution. This attack appears to be exploitable via network connectivity CVE-2018-6307. A heap use-after-free vulnerability in the server code of the file transfer extension,...