Описание
LibVNC before commit 7b1ef0ffc4815cab9a96c7278394152bdc89dc4d contains heap out-of-bound write vulnerability inside structure in VNC client code that can result remote code execution
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| libvncserver | fixed | 0.9.11+dfsg-1.2 | package | |
| italc | removed | package | ||
| italc | not-affected | stretch | package | |
| ssvnc | fixed | 1.0.29-5 | package | |
| ssvnc | fixed | 1.0.29-4+deb10u1 | buster | package |
| ssvnc | fixed | 1.0.29-3+deb9u1 | stretch | package |
| veyon | fixed | 4.1.4+repack1-1 | package |
Примечания
https://github.com/LibVNC/libvncserver/issues/250
https://github.com/LibVNC/libvncserver/commit/09f2f3fb6a5a163e453e5c2979054670c39694bc
https://github.com/LibVNC/libvncserver/commit/7b1ef0ffc4815cab9a96c7278394152bdc89dc4d
https://ics-cert.kaspersky.com/advisories/klcert-advisories/2018/12/19/klcert-18-030-libvnc-heap-out-of-bound-write/
same as CVE-2019-8287/tightvnc
Связанные уязвимости
LibVNC before commit 7b1ef0ffc4815cab9a96c7278394152bdc89dc4d contains heap out-of-bound write vulnerability inside structure in VNC client code that can result remote code execution
LibVNC before commit 7b1ef0ffc4815cab9a96c7278394152bdc89dc4d contains heap out-of-bound write vulnerability inside structure in VNC client code that can result remote code execution
LibVNC before commit 7b1ef0ffc4815cab9a96c7278394152bdc89dc4d contains heap out-of-bound write vulnerability inside structure in VNC client code that can result remote code execution
LibVNC before commit 7b1ef0ffc4815cab9a96c7278394152bdc89dc4d contains heap out-of-bound write vulnerability inside structure in VNC client code that can result remote code execution
Уязвимость библиотеки LibVNC, связанная со считыванием данных за пределами заданного буфера, позволяющая нарушителю выполнить произвольный код