Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2014-6053

Опубликовано: 15 дек. 2014
Источник: debian
EPSS Средний

Описание

The rfbProcessClientNormalMessage function in libvncserver/rfbserver.c in LibVNCServer 0.9.9 and earlier does not properly handle attempts to send a large amount of ClientCutText data, which allows remote attackers to cause a denial of service (memory consumption or daemon crash) via a crafted message that is processed by using a single unchecked malloc.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
libvncserverfixed0.9.9+dfsg-6.1package
italcfixed1:3.0.1+dfsg1-1package
tightvncfixed1:1.3.9-9.1package
tightvncfixed1:1.3.9-9deb10u1busterpackage
tightvncfixed1:1.3.9-9+deb9u1stretchpackage
vinofixed3.22.0-6package
vinono-dsabusterpackage
vinono-dsastretchpackage

Примечания

  • https://github.com/newsoft/libvncserver/commit/6037a9074d52b1963c97cb28ea1096c7c14cbf28

EPSS

Процентиль: 97%
0.36865
Средний

Связанные уязвимости

ubuntu логотип

CVE-2014-6053

ubuntu
больше 10 лет назад

The rfbProcessClientNormalMessage function in libvncserver/rfbserver.c in LibVNCServer 0.9.9 and earlier does not properly handle attempts to send a large amount of ClientCutText data, which allows remote attackers to cause a denial of service (memory consumption or daemon crash) via a crafted message that is processed by using a single unchecked malloc.

redhat логотип

CVE-2014-6053

redhat
почти 11 лет назад

The rfbProcessClientNormalMessage function in libvncserver/rfbserver.c in LibVNCServer 0.9.9 and earlier does not properly handle attempts to send a large amount of ClientCutText data, which allows remote attackers to cause a denial of service (memory consumption or daemon crash) via a crafted message that is processed by using a single unchecked malloc.

nvd логотип

CVE-2014-6053

nvd
больше 10 лет назад

The rfbProcessClientNormalMessage function in libvncserver/rfbserver.c in LibVNCServer 0.9.9 and earlier does not properly handle attempts to send a large amount of ClientCutText data, which allows remote attackers to cause a denial of service (memory consumption or daemon crash) via a crafted message that is processed by using a single unchecked malloc.

github логотип

GHSA-fcxc-59xc-c54c

github
около 3 лет назад

The rfbProcessClientNormalMessage function in libvncserver/rfbserver.c in LibVNCServer 0.9.9 and earlier does not properly handle attempts to send a large amount of ClientCutText data, which allows remote attackers to cause a denial of service (memory consumption or daemon crash) via a crafted message that is processed by using a single unchecked malloc.

oracle-oval логотип

ELSA-2014-1827

oracle-oval
больше 10 лет назад

ELSA-2014-1827: kdenetwork security update (MODERATE)

EPSS

Процентиль: 97%
0.36865
Средний