CVE-2020-25708

Опубликовано: 27 нояб. 2020

Источник: nvd

CVSS3: 7.5

CVSS2: 5

EPSS Низкий

Описание

A divide by zero issue was found to occur in libvncserver-0.9.12. A malicious client could use this flaw to send a specially crafted message that, when processed by the VNC server, would lead to a floating point exception, resulting in a denial of service.

Ссылки

https://bugzilla.redhat.com/show_bug.cgi?id=1896739
Exploit
Issue Tracking
Patch
Third Party Advisory
https://lists.debian.org/debian-lts-announce/2022/09/msg00035.html
Mailing List
Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1896739
Exploit
Issue Tracking
Patch
Third Party Advisory
https://lists.debian.org/debian-lts-announce/2022/09/msg00035.html
Mailing List
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:libvncserver_project:libvncserver:0.9.12:*:*:*:*:*:*:*

Конфигурация 2

Одно из

cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*

Конфигурация 3

cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*

EPSS

Процентиль: 40%

0.00177

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-369

Связанные уязвимости

CVE-2020-25708

CVSS3: 7.5

ubuntu

больше 4 лет назад

CVE-2020-25708

CVSS3: 7.5

redhat

около 5 лет назад

CVE-2020-25708

CVSS3: 7.5

debian

больше 4 лет назад

A divide by zero issue was found to occur in libvncserver-0.9.12. A ma ...

openSUSE-SU-2020:2097-1

suse-cvrf

больше 4 лет назад

Security update for LibVNCServer

openSUSE-SU-2020:2025-1

suse-cvrf

больше 4 лет назад

Security update for LibVNCServer

EPSS

Процентиль: 40%

0.00177

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-369