Lucene search
Ubuntu.comUB:CVE-2018-20019HistoryDec 19, 2018 - 12:00 a.m.
CVE-2018-20019
2018-12-1900:00:00
ubuntu.com
ubuntu.com
4
0.04 Low
EPSS
Percentile
92.0%
LibVNC before commit a83439b9fbe0f03c48eb94ed05729cb016f8b72f contains
multiple heap out-of-bound write vulnerabilities in VNC client code that
can result remote code execution
Bugs
- <https://github.com/LibVNC/libvncserver/issues/247>
- <https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=916941>
Notes
| Author | Note |
|---|---|
| mdeslaur | original upstream patch for this issue was incomplete. See CVE-2018-20748 for more fixes. |
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| ubuntu | 18.04 | noarch | italc | <Â 1:3.0.3+dfsg1-3ubuntu0.1 | UNKNOWN |
| ubuntu | 16.04 | noarch | italc | <Â 1:2.0.2+dfsg1-4ubuntu0.1 | UNKNOWN |
| ubuntu | 18.04 | noarch | libvncserver | <Â 0.9.11+dfsg-1ubuntu1.1 | UNKNOWN |
| ubuntu | 18.10 | noarch | libvncserver | <Â 0.9.11+dfsg-1.1ubuntu0.1 | UNKNOWN |
| ubuntu | 14.04 | noarch | libvncserver | <Â 0.9.9+dfsg-1ubuntu1.4 | UNKNOWN |
| ubuntu | 16.04 | noarch | libvncserver | <Â 0.9.10+dfsg-3ubuntu0.16.04.3 | UNKNOWN |
References
ics-cert.kaspersky.com/advisories/klcert-advisories/2018/12/19/klcert-18-029-libvnc-multiple-heap-out-of-bound-vulnerabilities/
launchpad.net/bugs/cve/CVE-2018-20019
nvd.nist.gov/vuln/detail/CVE-2018-20019
security-tracker.debian.org/tracker/CVE-2018-20019
ubuntu.com/security/notices/USN-3877-1
ubuntu.com/security/notices/USN-4547-1
www.cve.org/CVERecord?id=CVE-2018-20019
Related
cvelist
cvelist
CVE-2018-20748
2019-01-30 18:00:00
CVE-2018-20019
2018-12-19 16:00:00
redhatcve
redhatcve
CVE-2018-20748
2019-01-31 14:50:59
CVE-2018-20019
2018-12-20 07:21:52
debiancve
debiancve
CVE-2018-20748
2019-01-30 18:29:00
CVE-2018-20019
2018-12-19 16:29:00
prion
prion
Heap overflow
2019-01-30 18:29:00
Heap overflow
2018-12-19 16:29:00
osv
osv
CVE-2018-20748
2019-01-30 18:29:00
CVE-2018-20019
2018-12-19 16:29:00
libvncserver - security update
2019-01-31 00:00:00
cve
cve
CVE-2018-20748
2019-01-30 18:29:00
CVE-2018-20019
2018-12-19 16:29:00
ubuntucve
ubuntucve
openvas
openvas
Huawei EulerOS: Security Advisory for libvncserver (EulerOS-SA-2019-1068)
2020-01-23 00:00:00
Debian: Security Advisory (DLA-1652-1)
2019-01-30 00:00:00
SUSE: Security Advisory (SUSE-SU-2019:0313-1)
2021-04-19 00:00:00
nessus
nessus
EulerOS 2.0 SP5 : libvncserver (EulerOS-SA-2019-1068)
2019-03-08 00:00:00
Debian DLA-1652-1 : libvncserver security update
2019-02-01 00:00:00
RHEL 8 : libvncserver (Unpatched Vulnerability)
2024-05-11 00:00:00
veracode
veracode
Out-of-bounds Write
2018-12-27 06:16:13
debian
debian
[SECURITY] [DLA 1652-1] libvncserver security update
2019-01-31 14:40:33
[SECURITY] [DLA 1617-1] libvncserver security update
2018-12-27 03:53:27
[SECURITY] [DLA 1979-1] italc security update
2019-10-30 22:21:50
suse
suse
Security update for LibVNCServer (critical)
2019-02-18 00:00:00
Security update for LibVNCServer (critical)
2019-02-18 00:00:00
Security update for LibVNCServer (important)
2019-01-18 00:00:00
ubuntu
ubuntu
LibVNCServer vulnerabilities
2019-01-31 00:00:00
iTALC vulnerabilities
2020-09-28 00:00:00
iTALC vulnerabilities
2020-10-20 00:00:00
mageia
mageia
Updated italc packages fix security vulnerabilities
2020-11-23 22:51:37
Updated libvncserver & x11vnc packages fix security vulnerabilities
2019-01-16 01:15:34
ics
ics
Siemens SIMATIC ITC
2021-12-16 12:00:00
gentoo
gentoo
LibVNCServer: Multiple vulnerabilities
2019-08-09 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2021-1900
2021-07-02 17:22:34