Описание
Heap-based buffer overflow in ultra.c in LibVNCClient in LibVNCServer before 0.9.11 allows remote servers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted FramebufferUpdate message with the Ultra type tile, such that the LZO payload decompressed length exceeds what is specified by the tile dimensions.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | released | 1:3.0.1+dfsg1-1 |
| devel | DNE | |
| esm-apps/bionic | released | 1:3.0.1+dfsg1-1 |
| esm-apps/xenial | released | 1:2.0.2+dfsg1-4ubuntu0.1 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was needed] |
| esm-infra/focal | DNE | |
| focal | DNE | |
| precise/esm | DNE | |
| trusty | ignored | end of standard support |
| trusty/esm | DNE | trusty was needed |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 0.9.11+dfsg-1 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was released [0.9.9+dfsg-1ubuntu1.2]] |
| esm-infra/xenial | released | 0.9.10+dfsg-3ubuntu0.16.04.1 |
| precise | released | 0.9.8.2-2ubuntu1.2 |
| trusty | released | 0.9.9+dfsg-1ubuntu1.2 |
| trusty/esm | DNE | trusty was released [0.9.9+dfsg-1ubuntu1.2] |
| upstream | released | 0.9.11 |
| vivid/stable-phone-overlay | DNE | |
| vivid/ubuntu-core | DNE | |
| xenial | released | 0.9.10+dfsg-3ubuntu0.16.04.1 |
Показывать по
7.5 High
CVSS2
9.8 Critical
CVSS3
Связанные уязвимости
Heap-based buffer overflow in ultra.c in LibVNCClient in LibVNCServer before 0.9.11 allows remote servers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted FramebufferUpdate message with the Ultra type tile, such that the LZO payload decompressed length exceeds what is specified by the tile dimensions.
Heap-based buffer overflow in ultra.c in LibVNCClient in LibVNCServer before 0.9.11 allows remote servers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted FramebufferUpdate message with the Ultra type tile, such that the LZO payload decompressed length exceeds what is specified by the tile dimensions.
Heap-based buffer overflow in ultra.c in LibVNCClient in LibVNCServer ...
Heap-based buffer overflow in ultra.c in LibVNCClient in LibVNCServer before 0.9.11 allows remote servers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted FramebufferUpdate message with the Ultra type tile, such that the LZO payload decompressed length exceeds what is specified by the tile dimensions.
Уязвимость компонента ultra.c кроссплатформенной библиотеки LibVNCServer, связанная с выходом операции за границы буфера в памяти, позволяющая нарушителю вызвать отказ в обслуживании и получить несанкционированный доступ к конфиденциальным данным
7.5 High
CVSS2
9.8 Critical
CVSS3