Описание
Heap-based buffer overflow in rfbproto.c in LibVNCClient in LibVNCServer before 0.9.11 allows remote servers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted FramebufferUpdate message containing a subrectangle outside of the client drawing area.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | not-affected | code not present |
| devel | DNE | |
| esm-apps/bionic | not-affected | code not present |
| esm-apps/xenial | released | 1:2.0.2+dfsg1-4ubuntu0.1 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was needed] |
| esm-infra/focal | DNE | |
| focal | DNE | |
| precise/esm | DNE | |
| trusty | ignored | end of standard support |
| trusty/esm | DNE | trusty was needed |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 0.9.11+dfsg-1 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was released [0.9.9+dfsg-1ubuntu1.2]] |
| esm-infra/xenial | released | 0.9.10+dfsg-3ubuntu0.16.04.1 |
| precise | released | 0.9.8.2-2ubuntu1.2 |
| trusty | released | 0.9.9+dfsg-1ubuntu1.2 |
| trusty/esm | DNE | trusty was released [0.9.9+dfsg-1ubuntu1.2] |
| upstream | released | 0.9.11 |
| vivid/stable-phone-overlay | DNE | |
| vivid/ubuntu-core | DNE | |
| xenial | released | 0.9.10+dfsg-3ubuntu0.16.04.1 |
Показывать по
EPSS
7.5 High
CVSS2
9.8 Critical
CVSS3
Связанные уязвимости
Heap-based buffer overflow in rfbproto.c in LibVNCClient in LibVNCServer before 0.9.11 allows remote servers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted FramebufferUpdate message containing a subrectangle outside of the client drawing area.
Heap-based buffer overflow in rfbproto.c in LibVNCClient in LibVNCServer before 0.9.11 allows remote servers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted FramebufferUpdate message containing a subrectangle outside of the client drawing area.
Heap-based buffer overflow in rfbproto.c in LibVNCClient in LibVNCServ ...
Heap-based buffer overflow in rfbproto.c in LibVNCClient in LibVNCServer before 0.9.11 allows remote servers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted FramebufferUpdate message containing a subrectangle outside of the client drawing area.
Уязвимость компонента rfbproto.c кроссплатформенной библиотеки LibVNCServer, связанная с выходом операции за границы буфера в памяти, позволяющая нарушителю вызвать отказ в обслуживании и получить несанкционированный доступ к конфиденциальным данным
EPSS
7.5 High
CVSS2
9.8 Critical
CVSS3