CVE-2018-21247

Опубликовано: 17 июн. 2020

Источник: debian

EPSS Низкий

Описание

An issue was discovered in LibVNCServer before 0.9.13. There is an information leak (of uninitialized memory contents) in the libvncclient/rfbproto.c ConnectToRFBRepeater function.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
libvncserver	fixed	0.9.11+dfsg-1.2		package

Примечания

https://github.com/LibVNC/libvncserver/issues/253
https://github.com/LibVNC/libvncserver/commit/8b06f835e259652b0ff026898014fc7297ade858

EPSS

Процентиль: 77%

0.0113

Низкий

Связанные уязвимости

CVE-2018-21247

CVSS3: 7.5

ubuntu

около 5 лет назад

An issue was discovered in LibVNCServer before 0.9.13. There is an information leak (of uninitialized memory contents) in the libvncclient/rfbproto.c ConnectToRFBRepeater function.

CVE-2018-21247

CVSS3: 7.5

redhat

около 5 лет назад

An issue was discovered in LibVNCServer before 0.9.13. There is an information leak (of uninitialized memory contents) in the libvncclient/rfbproto.c ConnectToRFBRepeater function.

CVE-2018-21247

CVSS3: 7.5

nvd

около 5 лет назад

An issue was discovered in LibVNCServer before 0.9.13. There is an information leak (of uninitialized memory contents) in the libvncclient/rfbproto.c ConnectToRFBRepeater function.

GHSA-355f-mpqr-3mwv

CVSS3: 7.5

github

около 3 лет назад

An issue was discovered in LibVNCServer before 0.9.13. There is a memory leak in the libvncclient/rfbproto.c ConnectToRFBRepeater function.

BDU:2020-03958

CVSS3: 7.5

fstec

почти 7 лет назад

Уязвимость реализации функции ConnectToRFBRepeater кроссплатформенной библиотеки LibVNCServer, позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 77%

0.0113

Низкий