Описание
libvncclient/cursor.c in LibVNCServer through 0.9.12 has a HandleCursorShape integer overflow and heap-based buffer overflow via a large height or width value. NOTE: this may overlap CVE-2019-15690.
A flaw was found in libvncserver in versions through 0.9.12. A large height or width value may cause an integer overflow or a heap-based buffer overflow. The highest threat from this vulnerability is to system availability.
Отчет
This flaw was found to be a duplicate of CVE-2019-15690. Please see https://access.redhat.com/security/cve/CVE-2019-15690 for information about affected products and security errata.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 6 | libvncserver | Not affected | ||
| Red Hat Enterprise Linux 7 | libvncserver | Fixed | RHSA-2020:0913 | 23.03.2020 |
| Red Hat Enterprise Linux 8 | libvncserver | Fixed | RHSA-2020:0920 | 23.03.2020 |
| Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions | libvncserver | Fixed | RHSA-2020:0921 | 23.03.2020 |
Показывать по
Дополнительная информация
EPSS
0 Low
CVSS3
Связанные уязвимости
libvncclient/cursor.c in LibVNCServer through 0.9.12 has a HandleCursorShape integer overflow and heap-based buffer overflow via a large height or width value. NOTE: this may overlap CVE-2019-15690.
libvncclient/cursor.c in LibVNCServer through 0.9.12 has a HandleCursorShape integer overflow and heap-based buffer overflow via a large height or width value. NOTE: this may overlap CVE-2019-15690.
libvncclient/cursor.c in LibVNCServer through 0.9.12 has a HandleCurso ...
libvncclient/cursor.c in LibVNCServer through 0.9.12 has a HandleCursorShape integer overflow and heap-based buffer overflow via a large height or width value. NOTE: this may overlap CVE-2019-15690.
EPSS
0 Low
CVSS3