41 matches found
Astra Linux - уязвимость в vino
The commit d01e1bb4246323ba6fcee3b82ef1faa9b1dac82a contains a memory leak CWE-655 in the VNC server code. This flaw allows an attacker to read stack memory, and it can be exploited for information disclosure. Combined with another vulnerability, this flaw can be used to leak stack memory and...
MiracleLinux 4 : vino-2.28.1-9.AXS4 (AXSA:2014-070:01)
The remote MiracleLinux 4 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2014-070:01 advisory. Vino is a VNC server for GNOME. It allows remote users to connect to a running GNOME session using VNC. Security issues fixed with this release: CVE-2013-5745...
EUVD-2011-0917
Malware in sbrugna...
EUVD-2012-3183
Malware in sbrugna...
EUVD-2011-0916
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2011-0905
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The rfbSendFramebufferUpdate function in server/libvncserver/rfbserver.c in vino-server in Vino 2.x before 2.28.3, 2.32.x before 2.32.2, 3.0.x before 3.0.2, and...
Linux Distros Unpatched Vulnerability : CVE-2011-0904
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The rfbSendFramebufferUpdate function in server/libvncserver/rfbserver.c in vino-server in Vino 2.x before 2.28.3, 2.32.x before 2.32.2, 3.0.x before 3.0.2, and...
SUSE CVE-2011-0904
The rfbSendFramebufferUpdate function in server/libvncserver/rfbserver.c in vino-server in Vino 2.x before 2.28.3, 2.32.x before 2.32.2, 3.0.x before 3.0.2, and 3.1.x before 3.1.1, when raw encoding is used, allows remote authenticated users to cause a denial of service daemon crash via a large 1...
SUSE CVE-2011-0905
The rfbSendFramebufferUpdate function in server/libvncserver/rfbserver.c in vino-server in Vino 2.x before 2.28.3, 2.32.x before 2.32.2, 3.0.x before 3.0.2, and 3.1.x before 3.1.1, when tight encoding is used, allows remote authenticated users to cause a denial of service daemon crash via crafted...
SUSE CVE-2012-3205
Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect integrity via unknown vectors related to Vino server...
SUSE CVE-2013-5745
The vinoserverclientdatapending function in vino-server.c in GNOME Vino 2.26.1, 2.32.1, 3.7.3, and earlier, and 3.8 when encryption is disabled, does not properly clear client data when an error causes the connection to close during authentication, which allows remote attackers to cause a denial ...
Oracle Solaris Critical Patch Update : oct2012_SRU10_5
This Solaris system is missing necessary patches to address critical security updates : - Vulnerability in the Solaris component of Oracle Sun Products Suite subcomponent: Kernel. Supported versions that are affected are 10 and 11. Easily exploitable vulnerability requiring logon to Operating...
Scientific Linux Security Update : vino on SL5.x, SL6.x i386/x86_64 (20131022)
A denial of service flaw was found in the way Vino handled certain authenticated requests from clients that were in the deferred state. A remote attacker could use this flaw to make the vino-server process enter an infinite loop when processing those incoming requests. CVE-2013-5745 The GNOME...
vino: denial of service flaw
The vinoserverclientdatapending function in vino-server.c in GNOME Vino 2.26.1, 2.32.1, 3.7.3, and earlier, and 3.8 when encryption is disabled, does not properly clear client data when an error causes the connection to close during authentication, which allows remote attackers to cause a denial ...
CVE-2013-5745
The vinoserverclientdatapending function in vino-server.c in GNOME Vino 2.26.1, 2.32.1, 3.7.3, and earlier, and 3.8 when encryption is disabled, does not properly clear client data when an error causes the connection to close during authentication, which allows remote attackers to cause a denial ...
CVE-2013-5745
The vinoserverclientdatapending function in vino-server.c in GNOME Vino 2.26.1, 2.32.1, 3.7.3, and earlier, and 3.8 when encryption is disabled, does not properly clear client data when an error causes the connection to close during authentication, which allows remote attackers to cause a denial ...
Authentication flaw
The vinoserverclientdatapending function in vino-server.c in GNOME Vino 2.26.1, 2.32.1, 3.7.3, and earlier, and 3.8 when encryption is disabled, does not properly clear client data when an error causes the connection to close during authentication, which allows remote attackers to cause a denial ...
CVE-2013-5745
The vinoserverclientdatapending function in vino-server.c in GNOME Vino 2.26.1, 2.32.1, 3.7.3, and earlier, and 3.8 when encryption is disabled, does not properly clear client data when an error causes the connection to close during authentication, which allows remote attackers to cause a denial ...
CVE-2013-5745
The vinoserverclientdatapending function in vino-server.c in GNOME Vino 2.26.1, 2.32.1, 3.7.3, and earlier, and 3.8 when encryption is disabled, does not properly clear client data when an error causes the connection to close during authentication, which allows remote attackers to cause a denial ...
vino: Out of bounds read flaw by processing certain client raw encoding framebuffer update requests
The rfbSendFramebufferUpdate function in server/libvncserver/rfbserver.c in vino-server in Vino 2.x before 2.28.3, 2.32.x before 2.32.2, 3.0.x before 3.0.2, and 3.1.x before 3.1.1, when raw encoding is used, allows remote authenticated users to cause a denial of service daemon crash via a large 1...