Heap overflow

Multiple heap-based buffer overflows in the ZRLEDECODE function in common/rfb/zrleDecode.h in TigerVNC before 1.3.1, when NDEBUG is enabled, allow remote VNC servers to cause a denial of service vncviewer crash and possibly execute arbitrary code via vectors related to screen image rendering...

CVE-2014-0011

TigerVNC versions prior to 1.3.1 are affected by CVE-2014-0011 due to multiple heap-based buffer overflows in the ZRLE_DECODE function (common/rfb/zrleDecode.h). When NDEBUG is enabled, a remote VNC server could crash the vncviewer and potentially execute arbitrary code via image-rendering vector...

CVE-2014-0011

Multiple heap-based buffer overflows in the ZRLEDECODE function in common/rfb/zrleDecode.h in TigerVNC before 1.3.1, when NDEBUG is enabled, allow remote VNC servers to cause a denial of service vncviewer crash and possibly execute arbitrary code via vectors related to screen image rendering...

CVE-2014-0011

Multiple heap-based buffer overflows in the ZRLEDECODE function in common/rfb/zrleDecode.h in TigerVNC before 1.3.1, when NDEBUG is enabled, allow remote VNC servers to cause a denial of service vncviewer crash and possibly execute arbitrary code via vectors related to screen image rendering...

Updated tigervnc packages fix CVE-2014-0011

Updated tigervnc packages fix security vulnerability: A heap-based buffer overflow was found in the way vncviewer rendered certain screen images from a vnc server. If a user could be tricked into connecting to a malicious vnc server, it may cause the vncviewer to crash, or could possibly execute...

TigerVNC "ZRLE_DECODE()"缓冲区溢出漏洞

CVE ID：CVE-2014-0011 TigerVNC是一种先进的VNC的实现。 由于"ZRLEDECODE"功能common/rfb/zrleDecode.h存在边界错误，攻击者可以利用漏洞导致缓冲区溢出。 0 TigerVNC 1.x TigerVNC 1.3.1版本以修复此漏洞，建议用户下载使用： http://sourceforge.net/projects/tigervnc/...