Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2018-7225

Опубликовано: 19 фев. 2018
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 7.5
CVSS3: 9.8

Описание

An issue was discovered in LibVNCServer through 0.9.11. rfbProcessClientNormalMessage() in rfbserver.c does not sanitize msg.cct.length, leading to access to uninitialized and potentially sensitive data or possibly unspecified other impact (e.g., an integer overflow) via specially crafted VNC packets.

РелизСтатусПримечание
bionic

released

1:3.0.3+dfsg1-3ubuntu0.1
devel

DNE

esm-apps/bionic

released

1:3.0.3+dfsg1-3ubuntu0.1
esm-apps/xenial

released

1:2.0.2+dfsg1-4ubuntu0.1
esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was needed]
esm-infra/focal

DNE

focal

DNE

groovy

DNE

hirsute

DNE

impish

DNE

Показывать по

РелизСтатусПримечание
artful

released

0.9.11+dfsg-1ubuntu0.1
bionic

released

0.9.11+dfsg-1ubuntu0.1
devel

released

0.9.11+dfsg-1ubuntu1
esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was released [0.9.9+dfsg-1ubuntu1.3]]
esm-infra/bionic

released

0.9.11+dfsg-1ubuntu0.1
esm-infra/focal

released

0.9.11+dfsg-1ubuntu0.1
esm-infra/xenial

released

0.9.10+dfsg-3ubuntu0.16.04.2
focal

released

0.9.11+dfsg-1ubuntu0.1
groovy

released

0.9.11+dfsg-1ubuntu1
hirsute

released

0.9.11+dfsg-1ubuntu1

Показывать по

РелизСтатусПримечание
bionic

ignored

end of standard support, was needs-triage
devel

needs-triage

esm-apps/bionic

needs-triage

esm-apps/focal

needs-triage

esm-apps/jammy

needs-triage

esm-apps/noble

needs-triage

esm-apps/xenial

needs-triage

esm-infra-legacy/trusty

released

1.3.9-6.5+deb8u1build0.14.04.1~esm1
focal

ignored

end of standard support, was needs-triage
groovy

ignored

end of life

Показывать по

РелизСтатусПримечание
bionic

released

3.22.0-3ubuntu1.1
devel

released

3.22.0-6ubuntu1
esm-apps/jammy

released

3.22.0-6ubuntu1
esm-apps/noble

released

3.22.0-6ubuntu1
esm-infra-legacy/trusty

DNE

esm-infra/bionic

released

3.22.0-3ubuntu1.1
esm-infra/focal

released

3.22.0-5ubuntu2.1
esm-infra/xenial

released

3.8.1-0ubuntu9.3
focal

released

3.22.0-5ubuntu2.1
groovy

released

3.22.0-6ubuntu1

Показывать по

Ссылки на источники

EPSS

Процентиль: 87%
0.03567
Низкий

7.5 High

CVSS2

9.8 Critical

CVSS3

Связанные уязвимости

redhat логотип

CVE-2018-7225

CVSS3: 5.4
redhat
больше 7 лет назад

An issue was discovered in LibVNCServer through 0.9.11. rfbProcessClientNormalMessage() in rfbserver.c does not sanitize msg.cct.length, leading to access to uninitialized and potentially sensitive data or possibly unspecified other impact (e.g., an integer overflow) via specially crafted VNC packets.

nvd логотип

CVE-2018-7225

CVSS3: 9.8
nvd
больше 7 лет назад

An issue was discovered in LibVNCServer through 0.9.11. rfbProcessClientNormalMessage() in rfbserver.c does not sanitize msg.cct.length, leading to access to uninitialized and potentially sensitive data or possibly unspecified other impact (e.g., an integer overflow) via specially crafted VNC packets.

debian логотип

CVE-2018-7225

CVSS3: 9.8
debian
больше 7 лет назад

An issue was discovered in LibVNCServer through 0.9.11. rfbProcessClie ...

suse-cvrf логотип

SUSE-SU-2018:0875-1

suse-cvrf
больше 7 лет назад

Security update for LibVNCServer

github логотип

GHSA-2v5x-9xhg-52hm

CVSS3: 9.8
github
больше 3 лет назад

An issue was discovered in LibVNCServer through 0.9.11. rfbProcessClientNormalMessage() in rfbserver.c does not sanitize msg.cct.length, leading to access to uninitialized and potentially sensitive data or possibly unspecified other impact (e.g., an integer overflow) via specially crafted VNC packets.

EPSS

Процентиль: 87%
0.03567
Низкий

7.5 High

CVSS2

9.8 Critical

CVSS3