Lucene search
Veracode Vulnerability DatabaseVERACODE:8084HistoryDec 27, 2018 - 6:16 a.m.
Out-of-bounds Write
2018-12-2706:16:13
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
9
0.038 Low
EPSS
Percentile
91.9%
libvncserver.so is vulnerable out-of-bounds write. The attack can be triggered by causing heap buffer overflows via improper memory allocation and handling.
| CPE | Name | Operator | Version |
|---|---|---|---|
| libvncserver.so | eq | 0.0.0 |
References
cert-portal.siemens.com/productcert/pdf/ssa-390195.pdf
github.com/LibVNC/libvncserver/commit/a83439b9fbe0f03c48eb94ed05729cb016f8b72f
ics-cert.kaspersky.com/advisories/klcert-advisories/2018/12/19/klcert-18-029-libvnc-multiple-heap-out-of-bound-vulnerabilities/
lists.debian.org/debian-lts-announce/2018/12/msg00017.html
lists.debian.org/debian-lts-announce/2019/10/msg00042.html
security.gentoo.org/glsa/201908-05
usn.ubuntu.com/3877-1/
usn.ubuntu.com/4547-1/
usn.ubuntu.com/4587-1/
www.debian.org/security/2019/dsa-4383
Related
cve
cve
CVE-2018-20019
2018-12-19 16:29:00
CVE-2018-20748
2019-01-30 18:29:00
prion
prion
Heap overflow
2018-12-19 16:29:00
Heap overflow
2019-01-30 18:29:00
cvelist
cvelist
CVE-2018-20019
2018-12-19 16:00:00
CVE-2018-20748
2019-01-30 18:00:00
nvd
nvd
CVE-2018-20019
2018-12-19 16:29:00
CVE-2018-20748
2019-01-30 18:29:00
osv
osv
CVE-2018-20019
2018-12-19 16:29:00
CVE-2018-20748
2019-01-30 18:29:00
libvncserver - security update
2018-12-25 00:00:00
redhatcve
redhatcve
CVE-2018-20019
2018-12-20 07:21:52
CVE-2018-20748
2019-01-31 14:50:59
debiancve
debiancve
CVE-2018-20019
2018-12-19 16:29:00
CVE-2018-20748
2019-01-30 18:29:00
ubuntucve
ubuntucve
openvas
openvas
Huawei EulerOS: Security Advisory for libvncserver (EulerOS-SA-2019-1068)
2020-01-23 00:00:00
Debian: Security Advisory (DLA-1652-1)
2019-01-30 00:00:00
Huawei EulerOS: Security Advisory for libvncserver (EulerOS-SA-2019-1033)
2020-01-23 00:00:00
nessus
nessus
EulerOS 2.0 SP5 : libvncserver (EulerOS-SA-2019-1068)
2019-03-08 00:00:00
Debian DLA-1652-1 : libvncserver security update
2019-02-01 00:00:00
EulerOS 2.0 SP5 : libvncserver (EulerOS-SA-2019-1033)
2019-02-15 00:00:00
debian
debian
[SECURITY] [DLA 1652-1] libvncserver security update
2019-01-31 14:40:16
[SECURITY] [DLA 1617-1] libvncserver security update
2018-12-27 03:53:08
[SECURITY] [DSA 4383-1] libvncserver security update
2019-02-03 20:52:03
gentoo
gentoo
LibVNCServer: Multiple vulnerabilities
2019-08-09 00:00:00
suse
suse
Security update for LibVNCServer (important)
2019-01-12 00:00:00
Security update for LibVNCServer (important)
2019-01-18 00:00:00
mageia
mageia
Updated libvncserver & x11vnc packages fix security vulnerabilities
2019-01-16 01:15:34
Updated italc packages fix security vulnerabilities
2020-11-23 22:51:37
ubuntu
ubuntu
iTALC vulnerabilities
2020-09-28 00:00:00
LibVNCServer vulnerabilities
2019-01-31 00:00:00
iTALC vulnerabilities
2020-10-20 00:00:00
ics
ics
Siemens SIMATIC ITC
2021-12-16 12:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2021-1900
2021-07-02 17:22:34