Lucene search

K
ubuntuUbuntuUSN-1980-1
HistorySep 30, 2013 - 12:00 a.m.

Vino vulnerability

2013-09-3000:00:00
ubuntu.com
28

CVSS2

7.1

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:N/I:N/A:C

AI Score

6.4

Confidence

Low

EPSS

0.763

Percentile

98.2%

Releases

  • Ubuntu 13.04
  • Ubuntu 12.10
  • Ubuntu 12.04

Packages

  • vino - VNC server for GNOME

Details

Jonathan Claudius discovered that Vino incorrectly handled closing invalid
connections. A remote attacker could use this issue to cause Vino to
consume resources, resulting in a denial of service.

OSVersionArchitecturePackageVersionFilename
Ubuntu13.04noarchvino< 3.6.2-0ubuntu4.1UNKNOWN
Ubuntu12.10noarchvino< 3.6.0-0ubuntu1.2UNKNOWN
Ubuntu12.04noarchvino< 3.4.2-0ubuntu1.3UNKNOWN

CVSS2

7.1

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:N/I:N/A:C

AI Score

6.4

Confidence

Low

EPSS

0.763

Percentile

98.2%