AVG-124 log
| Package | libvncserver |
| Status | Fixed |
| Severity | Critical |
| Type | arbitrary code execution |
| Affected | 0.9.10-4 |
| Fixed | 0.9.11-1 |
| Current | 0.9.14-4 [extra] |
| Ticket | FS#52481 |
| Created | Sun Jan 1 17:16:34 2017 |
| Issue | Severity | Remote | Type | Description |
|---|---|---|---|---|
| CVE-2016-9942 | Critical | Yes | Arbitrary code execution | A heap-based buffer overflow has been discovered in ultra.c in LibVNCClient in LibVNCServer before 0.9.11 allows remote servers to cause a denial of service... |
| CVE-2016-9941 | Critical | Yes | Arbitrary code execution | A heap-based buffer overflow has been discovered in rfbproto.c in the LibVNCClient part of LibVNCServer before 0.9.11 allows remote servers to cause a... |
| Date | Advisory | Package | Type |
|---|---|---|---|
| 13 Jan 2017 | ASA-201701-20 | libvncserver | arbitrary code execution |
| References |
|---|
https://github.com/LibVNC/libvncserver/pull/137 |