736 matches found
[SECURITY] Fedora 26 Update: libvncserver-0.9.11-3.fc26
LibVNCServer makes writing a VNC server or more correctly, a program expor ting a frame-buffer via the Remote Frame Buffer protocol easy. It hides the programmer from the tedious task of managing clients and compression schemata...
Debian DLA-1332-1 : libvncserver security update
libvncserver version through 0.9.11. does not sanitize msg.cct.length which may result in access to uninitialized and potentially sensitive data or possibly unspecified other impact e.g., an integer overflow via specially crafted VNC packets. For Debian 7 'Wheezy', these problems have been fixed ...
Debian: Security Advisory (DLA-1332-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 1332-1] libvncserver security update
Package : libvncserver Version : 0.9.9+dfsg-1+deb7u3 CVE ID : CVE-2018-7225 Debian Bug : 894045 libvncserver version through 0.9.11. does not sanitize msg.cct.length which may result in access to uninitialized and potentially sensitive data or possibly unspecified other impact e.g., an integer...
[SECURITY] Fedora 28 Update: libvncserver-0.9.11-6.fc28
LibVNCServer makes writing a VNC server or more correctly, a program expor ting a frame-buffer via the Remote Frame Buffer protocol easy. It hides the programmer from the tedious task of managing clients and compression schemata...
Security update for LibVNCServer (important)
LibVNCServer was updated to fix two security issues. These security issues were fixed: - CVE-2018-7225: Missing input sanitization inside rfbserver.c rfbProcessClientNormalMessage bsc1081493. - CVE-2016-9942: Heap-based buffer overflow in ultra.c allowed remote servers to cause a denial of servic...
openSUSE: Security Advisory for LibVNCServer (openSUSE-SU-2018:0851-1)
The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
openSUSE Security Update : LibVNCServer (openSUSE-2018-326)
LibVNCServer was updated to fix two security issues. These security issues were fixed : - CVE-2018-7225: Missing input sanitization inside rfbserver.c rfbProcessClientNormalMessage bsc1081493. - CVE-2016-9942: Heap-based buffer overflow in ultra.c allowed remote servers to cause a denial of servi...
Fedora Update for libvncserver FEDORA-2018-4897772a43
The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLES12 Security Update : LibVNCServer (SUSE-SU-2018:0830-1)
LibVNCServer was updated to fix two security issues. These security issues were fixed : - CVE-2018-7225: Missing input sanitization inside rfbserver.c rfbProcessClientNormalMessage bsc1081493. - CVE-2016-9942: Heap-based buffer overflow in ultra.c allowed remote servers to cause a denial of servi...
Fedora 27 : libvncserver (2018-4897772a43)
This release fixes a possible sensitive data leak and a memory exhaustion when handling ClientTextCut messages of the RFB protocol. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatical...
[SECURITY] Fedora 27 Update: libvncserver-0.9.11-5.fc27
LibVNCServer makes writing a VNC server or more correctly, a program expor ting a frame-buffer via the Remote Frame Buffer protocol easy. It hides the programmer from the tedious task of managing clients and compression schemata...
libVNCserver 'rfbserver.c' Integer Overflow Vulnerability
LibVNCServer is an application library for VNC servers. An integer overflow vulnerability exists in libVNCserver 'rfbserver.c'. The vulnerability is due to rfbserver.crfbProcessClientNormalMessage failing to filter msg.cct.length, which can be exploited by an attacker to execute arbitrary code in...
CVE-2018-7225
An issue was discovered in LibVNCServer through 0.9.11. rfbProcessClientNormalMessage in rfbserver.c does not sanitize msg.cct.length, leading to access to uninitialized and potentially sensitive data or possibly unspecified other impact e.g., an integer overflow via specially crafted VNC packets...
Integer overflow
An issue was discovered in LibVNCServer through 0.9.11. rfbProcessClientNormalMessage in rfbserver.c does not sanitize msg.cct.length, leading to access to uninitialized and potentially sensitive data or possibly unspecified other impact e.g., an integer overflow via specially crafted VNC packets...
CVE-2018-7225
An issue was discovered in LibVNCServer through 0.9.11. rfbProcessClientNormalMessage in rfbserver.c does not sanitize msg.cct.length, leading to access to uninitialized and potentially sensitive data or possibly unspecified other impact e.g., an integer overflow via specially crafted VNC packets...
CVE-2018-7225
An issue was discovered in LibVNCServer through 0.9.11. rfbProcessClientNormalMessage in rfbserver.c does not sanitize msg.cct.length, leading to access to uninitialized and potentially sensitive data or possibly unspecified other impact e.g., an integer overflow via specially crafted VNC packets...
CVE-2018-7225
An issue was discovered in LibVNCServer through 0.9.11. rfbProcessClientNormalMessage in rfbserver.c does not sanitize msg.cct.length, leading to access to uninitialized and potentially sensitive data or possibly unspecified other impact e.g., an integer overflow via specially crafted VNC packets...
CVE-2018-7225
An issue was discovered in LibVNCServer through 0.9.11. rfbProcessClientNormalMessage in rfbserver.c does not sanitize msg.cct.length, leading to access to uninitialized and potentially sensitive data or possibly unspecified other impact e.g., an integer overflow via specially crafted VNC packets...
CVE-2018-7225
An issue was discovered in LibVNCServer through 0.9.11. rfbProcessClientNormalMessage in rfbserver.c does not sanitize msg.cct.length, leading to access to uninitialized and potentially sensitive data or possibly unspecified other impact e.g., an integer overflow via specially crafted VNC packets...