Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2011-0904

Опубликовано: 10 мая 2011
Источник: debian
EPSS Низкий

Описание

The rfbSendFramebufferUpdate function in server/libvncserver/rfbserver.c in vino-server in Vino 2.x before 2.28.3, 2.32.x before 2.32.2, 3.0.x before 3.0.2, and 3.1.x before 3.1.1, when raw encoding is used, allows remote authenticated users to cause a denial of service (daemon crash) via a large (1) X position or (2) Y position value in a framebuffer update request that triggers an out-of-bounds memory access, related to the rfbTranslateNone and rfbSendRectEncodingRaw functions.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
vinofixed2.28.2-3package
libvncservernot-affectedpackage
kdenetworkfixed4:4.0package

Примечания

  • Only affects the krfb from KDE 3.5

EPSS

Процентиль: 77%
0.01021
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2011-0904

ubuntu
больше 14 лет назад

The rfbSendFramebufferUpdate function in server/libvncserver/rfbserver.c in vino-server in Vino 2.x before 2.28.3, 2.32.x before 2.32.2, 3.0.x before 3.0.2, and 3.1.x before 3.1.1, when raw encoding is used, allows remote authenticated users to cause a denial of service (daemon crash) via a large (1) X position or (2) Y position value in a framebuffer update request that triggers an out-of-bounds memory access, related to the rfbTranslateNone and rfbSendRectEncodingRaw functions.

redhat логотип

CVE-2011-0904

redhat
больше 14 лет назад

The rfbSendFramebufferUpdate function in server/libvncserver/rfbserver.c in vino-server in Vino 2.x before 2.28.3, 2.32.x before 2.32.2, 3.0.x before 3.0.2, and 3.1.x before 3.1.1, when raw encoding is used, allows remote authenticated users to cause a denial of service (daemon crash) via a large (1) X position or (2) Y position value in a framebuffer update request that triggers an out-of-bounds memory access, related to the rfbTranslateNone and rfbSendRectEncodingRaw functions.

nvd логотип

CVE-2011-0904

nvd
больше 14 лет назад

The rfbSendFramebufferUpdate function in server/libvncserver/rfbserver.c in vino-server in Vino 2.x before 2.28.3, 2.32.x before 2.32.2, 3.0.x before 3.0.2, and 3.1.x before 3.1.1, when raw encoding is used, allows remote authenticated users to cause a denial of service (daemon crash) via a large (1) X position or (2) Y position value in a framebuffer update request that triggers an out-of-bounds memory access, related to the rfbTranslateNone and rfbSendRectEncodingRaw functions.

github логотип

GHSA-5c7f-3fp9-p3v4

github
больше 3 лет назад

The rfbSendFramebufferUpdate function in server/libvncserver/rfbserver.c in vino-server in Vino 2.x before 2.28.3, 2.32.x before 2.32.2, 3.0.x before 3.0.2, and 3.1.x before 3.1.1, when raw encoding is used, allows remote authenticated users to cause a denial of service (daemon crash) via a large (1) X position or (2) Y position value in a framebuffer update request that triggers an out-of-bounds memory access, related to the rfbTranslateNone and rfbSendRectEncodingRaw functions.

oracle-oval логотип

ELSA-2013-0169

oracle-oval
почти 13 лет назад

ELSA-2013-0169: vino security update (MODERATE)

EPSS

Процентиль: 77%
0.01021
Низкий
Уязвимость CVE-2011-0904