Описание
A NULL pointer dereference flaw was found in the way LibVNCServer before 0.9.9 handled certain ClientCutText message. A remote attacker could use this flaw to crash the VNC server by sending a specially crafted ClientCutText message from a VNC client.
A flaw was found in realvnc. LibVNCServer, in versions prior to 0.9.9, contain a NULL pointer dereference when handling certain ClientCutText messages which could be used by a remote attacker to crash the VNC server. The highest threat from this vulnerability is to system availability.
Отчет
This flaw is in RealVNC shipped with Red Hat Enterprise Linux 5. A similar flaw was also found in LibVNCServer and was assigned CVE-2014-6053
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 5 | vnc | Out of support scope |
Показывать по
Дополнительная информация
Статус:
EPSS
7.5 High
CVSS3
Связанные уязвимости
A NULL pointer dereference flaw was found in the way LibVNCServer before 0.9.9 handled certain ClientCutText message. A remote attacker could use this flaw to crash the VNC server by sending a specially crafted ClientCutText message from a VNC client.
A NULL pointer dereference flaw was found in the way LibVNCServer before 0.9.9 handled certain ClientCutText message. A remote attacker could use this flaw to crash the VNC server by sending a specially crafted ClientCutText message from a VNC client.
EPSS
7.5 High
CVSS3