Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2019-15681

Опубликовано: 29 окт. 2019
Источник: ubuntu
Приоритет: low
CVSS2: 5
CVSS3: 7.5

Описание

LibVNC commit before d01e1bb4246323ba6fcee3b82ef1faa9b1dac82a contains a memory leak (CWE-655) in VNC server code, which allow an attacker to read stack memory and can be abused for information disclosure. Combined with another vulnerability, it can be used to leak stack memory and bypass ASLR. This attack appear to be exploitable via network connectivity. These vulnerabilities have been fixed in commit d01e1bb4246323ba6fcee3b82ef1faa9b1dac82a.

РелизСтатусПримечание
bionic

released

1:3.0.3+dfsg1-3ubuntu0.1
devel

DNE

esm-apps/bionic

released

1:3.0.3+dfsg1-3ubuntu0.1
esm-apps/xenial

released

1:2.0.2+dfsg1-4ubuntu0.1
esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was needed]
esm-infra/focal

DNE

focal

DNE

groovy

DNE

hirsute

DNE

impish

DNE

Показывать по

РелизСтатусПримечание
bionic

ignored

end of standard support, was needs-triage
devel

needs-triage

disco

ignored

end of life
eoan

ignored

end of life
esm-apps/bionic

needs-triage

esm-apps/focal

needs-triage

esm-apps/jammy

needs-triage

esm-apps/noble

needs-triage

esm-apps/xenial

needs-triage

esm-infra-legacy/trusty

DNE

Показывать по

РелизСтатусПримечание
bionic

released

0.9.11+dfsg-1ubuntu1.2
devel

not-affected

0.9.12+dfsg-8
disco

ignored

end of life
eoan

released

0.9.11+dfsg-1.3ubuntu0.1
esm-infra-legacy/trusty

DNE

esm-infra/bionic

released

0.9.11+dfsg-1ubuntu1.2
esm-infra/focal

not-affected

0.9.12+dfsg-8
esm-infra/xenial

released

0.9.10+dfsg-3ubuntu0.16.04.4
focal

not-affected

0.9.12+dfsg-8
groovy

not-affected

0.9.12+dfsg-8

Показывать по

РелизСтатусПримечание
bionic

ignored

end of standard support, was needs-triage
devel

needs-triage

disco

ignored

end of life
eoan

ignored

end of life
esm-apps/bionic

needs-triage

esm-apps/focal

needs-triage

esm-apps/jammy

needs-triage

esm-apps/noble

needs-triage

esm-apps/xenial

needs-triage

esm-infra-legacy/trusty

released

1.3.9-6.5+deb8u1build0.14.04.1~esm1

Показывать по

РелизСтатусПримечание
bionic

DNE

devel

needs-triage

disco

ignored

end of life
eoan

ignored

end of life
esm-apps/focal

needs-triage

esm-apps/jammy

needs-triage

esm-apps/noble

needs-triage

esm-infra-legacy/trusty

DNE

focal

ignored

end of standard support, was needs-triage
groovy

ignored

end of life

Показывать по

РелизСтатусПримечание
bionic

released

3.22.0-3ubuntu1.1
devel

DNE

disco

ignored

end of life
eoan

ignored

end of life
esm-apps/jammy

released

3.22.0-6ubuntu1
esm-apps/noble

released

3.22.0-6ubuntu1
esm-infra-legacy/trusty

DNE

esm-infra/bionic

released

3.22.0-3ubuntu1.1
esm-infra/focal

released

3.22.0-5ubuntu2.1
esm-infra/xenial

released

3.8.1-0ubuntu9.3

Показывать по

РелизСтатусПримечание
bionic

ignored

end of standard support, was needs-triage
devel

not-affected

disco

ignored

end of life
eoan

ignored

end of life
esm-apps/bionic

not-affected

0.9.13-3ubuntu0.1~esm1
esm-apps/focal

not-affected

esm-apps/jammy

not-affected

esm-apps/noble

not-affected

esm-apps/xenial

not-affected

0.9.13-1.2ubuntu0.1~esm1
esm-infra-legacy/trusty

needs-triage

Показывать по

Ссылки на источники

5 Medium

CVSS2

7.5 High

CVSS3

Связанные уязвимости

redhat логотип

CVE-2019-15681

CVSS3: 5.3
redhat
больше 6 лет назад

LibVNC commit before d01e1bb4246323ba6fcee3b82ef1faa9b1dac82a contains a memory leak (CWE-655) in VNC server code, which allow an attacker to read stack memory and can be abused for information disclosure. Combined with another vulnerability, it can be used to leak stack memory and bypass ASLR. This attack appear to be exploitable via network connectivity. These vulnerabilities have been fixed in commit d01e1bb4246323ba6fcee3b82ef1faa9b1dac82a.

nvd логотип

CVE-2019-15681

CVSS3: 7.5
nvd
больше 6 лет назад

LibVNC commit before d01e1bb4246323ba6fcee3b82ef1faa9b1dac82a contains a memory leak (CWE-655) in VNC server code, which allow an attacker to read stack memory and can be abused for information disclosure. Combined with another vulnerability, it can be used to leak stack memory and bypass ASLR. This attack appear to be exploitable via network connectivity. These vulnerabilities have been fixed in commit d01e1bb4246323ba6fcee3b82ef1faa9b1dac82a.

debian логотип

CVE-2019-15681

CVSS3: 7.5
debian
больше 6 лет назад

LibVNC commit before d01e1bb4246323ba6fcee3b82ef1faa9b1dac82a contains ...

suse-cvrf логотип

openSUSE-SU-2020:1071-1

suse-cvrf
больше 5 лет назад

Security update for vino

suse-cvrf логотип

SUSE-SU-2020:2009-1

suse-cvrf
больше 5 лет назад

Security update for vino

5 Medium

CVSS2

7.5 High

CVSS3

Уязвимость CVE-2019-15681