EUVD-2018-7239

Malware in sbrugna...

EUVD-2018-12599

Malware in sbrugna...

Debian DLA-2016-1 : ssvnc security update

Several vulnerabilities have been identified in the VNC code of ssvnc, an encryption-capable VNC client.. The vulnerabilities referenced below are issues that have originally been reported against Debian source package libvncserver which also ships the libvncclient shared library. The ssvnc sourc...

CVE-2019-8268

UltraVNC revision 1206 has multiple off-by-one vulnerabilities in VNC client code connected with improper usage of ClientConnection::ReadString function, which can potentially result code execution. This attack appears to be exploitable via network connectivity. These vulnerabilities have been...

CVE-2019-8265

UltraVNC revision 1207 contains multiple out-of-bounds access vulnerabilities in the VNC client code (notably related to improper usage of the SETPIXELS macro), which can potentially enable remote code execution over a network. In the connected disclosures, these issues are consistently tied to t...

CVE-2019-8268

UltraVNC revision 1206 has multiple off-by-one vulnerabilities in VNC client code connected with improper usage of ClientConnection::ReadString function, which can potentially result code execution. This attack appears to be exploitable via network connectivity. These vulnerabilities have been...

CVE-2019-8270

UltraVNC revision 1210 has out-of-bounds read vulnerability in VNC client code inside Ultra decoder, which results in a denial of service DoS condition. This attack appear to be exploitable via network connectivity. This vulnerability has been fixed in revision 1211...

CVE-2019-8268

UltraVNC revision 1206 has multiple off-by-one vulnerabilities in VNC client code connected with improper usage of ClientConnection::ReadString function, which can potentially result code execution. This attack appears to be exploitable via network connectivity. These vulnerabilities have been...

Design/Logic Flaw

UltraVNC revision 1207 has multiple out-of-bounds access vulnerabilities connected with improper usage of ClientConnection::Copybuffer function in VNC client code, which can potentially result in code execution. This attack appears to be exploitable via network connectivity. User interaction is...

Design/Logic Flaw

UltraVNC revision 1207 has multiple out-of-bounds access vulnerabilities connected with improper usage of SETPIXELS macro in VNC client code, which can potentially result in code execution. This attack appears to be exploitable via network connectivity. These vulnerabilities have been fixed in...

CVE-2019-8259

UltraVNC revision 1198 contains multiple memory leaks CWE-655 in VNC client code, which allow an attacker to read stack memory and can be abused for information disclosure. Combined with another vulnerability, it can be used to leak stack memory and bypass ASLR. This attack appears to be...

CVE-2019-8259

UltraVNC revision 1198 contains multiple memory leaks CWE-655 in VNC client code, which allow an attacker to read stack memory and can be abused for information disclosure. Combined with another vulnerability, it can be used to leak stack memory and bypass ASLR. This attack appears to be...

CVE-2019-8262

UltraVNC revision 1203 has multiple heap buffer overflow vulnerabilities in the VNC client code inside the Ultra decoder, which can lead to remote code execution over the network. These issues are fixed in revision 1204. The CVE is assigned to the heap-based overflow in UltraVNC 1203 and is rated...

CVE-2018-15361

UltraVNC revision 1198 has a buffer underflow vulnerability in VNC client code, which can potentially result in code execution. This attack appears to be exploitable via network connectivity. This vulnerability has been fixed in revision 1199...

openSUSE Security Update : LibVNCServer (openSUSE-2019-200)

This update for LibVNCServer fixes the following issues: Security issues fixed : - CVE-2018-20749: Fixed a heap out of bounds write vulnerability in rfbserver.c bsc1123828 - CVE-2018-20750: Fixed a heap out of bounds write vulnerability in rfbserver.c bsc1123832 - CVE-2018-20748: Fixed multiple...

SUSE SLES11 Security Update : LibVNCServer (SUSE-SU-2019:13952-1)

This update for LibVNCServer fixes the following issues : Security issues fixed : CVE-2018-20749: Fixed a heap out of bounds write vulnerability in rfbserver.c bsc1123828 CVE-2018-20750: Fixed a heap out of bounds write vulnerability in rfbserver.c bsc1123832 CVE-2018-20748: Fixed multiple heap...

SUSE SLES12 Security Update : LibVNCServer (SUSE-SU-2019:0313-1)

This update for LibVNCServer fixes the following issues : Security issues fixed : CVE-2018-20749: Fixed a heap out of bounds write vulnerability in rfbserver.c bsc1123828 CVE-2018-20750: Fixed a heap out of bounds write vulnerability in rfbserver.c bsc1123832 CVE-2018-20748: Fixed multiple heap...

CVE-2018-20020

LibVNC before commit 7b1ef0ffc4815cab9a96c7278394152bdc89dc4d contains heap out-of-bound write vulnerability inside structure in VNC client code that can result remote code execution...

CVE-2018-20022

LibVNC before 2f5b2ad1c6c99b1ac6482c95844a84d66bb52838 contains multiple weaknesses CWE-665: Improper Initialization vulnerability in VNC client code that allows attacker to read stack memory and can be abuse for information disclosure. Combined with another vulnerability, it can be used to leak...

CVE-2018-20022

LibVNC before 2f5b2ad1c6c99b1ac6482c95844a84d66bb52838 contains multiple weaknesses CWE-665: Improper Initialization vulnerability in VNC client code that allows attacker to read stack memory and can be abuse for information disclosure. Combined with another vulnerability, it can be used to leak...