CVE-2018-21247

Опубликовано: 17 июн. 2020

Источник: redhat

CVSS3: 7.5

Описание

An issue was discovered in LibVNCServer before 0.9.13. There is an information leak (of uninitialized memory contents) in the libvncclient/rfbproto.c ConnectToRFBRepeater function.

Затронутые пакеты

Платформа	Пакет	Состояние	Рекомендация	Релиз
Red Hat Enterprise Linux 6	libvncserver	Not affected
Red Hat Enterprise Linux 7	libvncserver	Will not fix
Red Hat Enterprise Linux 8	libvncserver	Fixed	RHSA-2021:1811	18.05.2021

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate

Дефект:

CWE-200

https://bugzilla.redhat.com/show_bug.cgi?id=1849886libvncserver: uninitialized memory contents are vulnerable to Information Leak

7.5 High

CVSS3

Связанные уязвимости

CVE-2018-21247

CVSS3: 7.5

ubuntu

около 5 лет назад

An issue was discovered in LibVNCServer before 0.9.13. There is an information leak (of uninitialized memory contents) in the libvncclient/rfbproto.c ConnectToRFBRepeater function.

CVE-2018-21247

CVSS3: 7.5

nvd

около 5 лет назад

An issue was discovered in LibVNCServer before 0.9.13. There is an information leak (of uninitialized memory contents) in the libvncclient/rfbproto.c ConnectToRFBRepeater function.

CVE-2018-21247

CVSS3: 7.5

debian

около 5 лет назад

An issue was discovered in LibVNCServer before 0.9.13. There is an inf ...

GHSA-355f-mpqr-3mwv

CVSS3: 7.5

github

около 3 лет назад

An issue was discovered in LibVNCServer before 0.9.13. There is a memory leak in the libvncclient/rfbproto.c ConnectToRFBRepeater function.

BDU:2020-03958

CVSS3: 7.5

fstec

почти 7 лет назад

Уязвимость реализации функции ConnectToRFBRepeater кроссплатформенной библиотеки LibVNCServer, позволяющая нарушителю вызвать отказ в обслуживании

7.5 High

CVSS3