CVE-2014-6052

Published: 15 Dec 2014
Source: ubuntu
Priority: medium
EPSS: Low
CVSS2: 7.5

Description

The HandleRFBServerMessage function in libvncclient/rfbproto.c in LibVNCServer 0.9.9 and earlier does not check certain malloc return values, which allows remote VNC servers to cause a denial of service (application crash) or possibly execute arbitrary code by specifying a large screen size in a (1) FramebufferUpdate, (2) ResizeFrameBuffer, or (3) PalmVNCReSizeFrameBuffer message.

| Release | Status | Note |
|---|---|---|
| bionic | released | 1:3.0.1+dfsg1-1 |
| devel | DNE | |
| esm-apps/bionic | released | 1:3.0.1+dfsg1-1 |
| esm-apps/xenial | released | 1:2.0.2+dfsg1-4ubuntu0.1 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was needed] |
| esm-infra/focal | DNE | |
| focal | DNE | |
| precise/esm | DNE | |
| trusty | ignored | end of standard support |
| trusty/esm | DNE | trusty was needed |


| Release | Status | Note |
|---|---|---|
| devel | not-affected | |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was not-affected] |
| lucid | DNE | |
| precise | DNE | |
| trusty | not-affected | |
| trusty/esm | DNE | trusty was not-affected |
| upstream | needs-triage | |


| Release | Status | Note |
|---|---|---|
| devel | released | 0.9.9+dfsg-6ubuntu1 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was released [0.9.9+dfsg-1ubuntu1.1]] |
| lucid | ignored | end of life |
| precise | released | 0.9.8.2-2ubuntu1.1 |
| trusty | released | 0.9.9+dfsg-1ubuntu1.1 |
| trusty/esm | DNE | trusty was released [0.9.9+dfsg-1ubuntu1.1] |
| upstream | needs-triage | |


EPSS: 0.0454 (Low), percentile: 89%

CVSS2: 7.5 High

Related vulnerabilities

redhat
almost 11 years ago

The HandleRFBServerMessage function in libvncclient/rfbproto.c in LibVNCServer 0.9.9 and earlier does not check certain malloc return values, which allows remote VNC servers to cause a denial of service (application crash) or possibly execute arbitrary code by specifying a large screen size in a (1) FramebufferUpdate, (2) ResizeFrameBuffer, or (3) PalmVNCReSizeFrameBuffer message.

nvd
more than 10 years ago

The HandleRFBServerMessage function in libvncclient/rfbproto.c in LibVNCServer 0.9.9 and earlier does not check certain malloc return values, which allows remote VNC servers to cause a denial of service (application crash) or possibly execute arbitrary code by specifying a large screen size in a (1) FramebufferUpdate, (2) ResizeFrameBuffer, or (3) PalmVNCReSizeFrameBuffer message.

debian
more than 10 years ago

The HandleRFBServerMessage function in libvncclient/rfbproto.c in LibV ...

github
about 3 years ago

The HandleRFBServerMessage function in libvncclient/rfbproto.c in LibVNCServer 0.9.9 and earlier does not check certain malloc return values, which allows remote VNC servers to cause a denial of service (application crash) or possibly execute arbitrary code by specifying a large screen size in a (1) FramebufferUpdate, (2) ResizeFrameBuffer, or (3) PalmVNCReSizeFrameBuffer message.

CVSS3: 7.3
fstec
more than 10 years ago

Vulnerability in the HandleRFBServerMessage function of the cross-platform LibVNCServer library that allows an attacker to gain access to confidential data, compromise its integrity, and cause a denial of service
