Описание
ELSA-2020-0913: libvncserver security update (IMPORTANT)
[0.9.9-14]
- Fix CVE-2019-15690 (an integer overflow in HandleCursorShape() in a client) (bug #1814339)
Обновленные пакеты
Oracle Linux 7
Oracle Linux aarch64
libvncserver
0.9.9-14.el7_7
libvncserver-devel
0.9.9-14.el7_7
Oracle Linux x86_64
libvncserver
0.9.9-14.el7_7
libvncserver-devel
0.9.9-14.el7_7
Связанные CVE
Связанные уязвимости
LibVNCServer 0.9.12 release and earlier contains heap buffer overflow vulnerability within the HandleCursorShape() function in libvncclient/cursor.c. An attacker sends cursor shapes with specially crafted dimensions, which can result in remote code execution.
LibVNCServer 0.9.12 release and earlier contains heap buffer overflow vulnerability within the HandleCursorShape() function in libvncclient/cursor.c. An attacker sends cursor shapes with specially crafted dimensions, which can result in remote code execution.
LibVNCServer 0.9.12 release and earlier contains heap buffer overflow vulnerability within the HandleCursorShape() function in libvncclient/cursor.c. An attacker sends cursor shapes with specially crafted dimensions, which can result in remote code execution.
LibVNCServer 0.9.12 release and earlier contains heap buffer overflow ...
LibVNCServer 0.9.12 release and earlier contains heap buffer overflow vulnerability within the HandleCursorShape() function in libvncclient/cursor.c. An attacker sends cursor shapes with specially crafted dimensions, which can result in remote code execution.