Package libvncserver
Status Fixed
Severity High
Type multiple issues
Affected 0.9.11-3
Fixed 0.9.12-1
Current 0.9.12-1 [extra]
Ticket None
Created Thu Feb 22 22:20:21 2018
Issue Severity Remote Type Description
CVE-2018-7226 High Yes Arbitrary code execution
An issue was discovered in vcSetXCutTextProc() in VNConsole.c in LinuxVNC and VNCommand from the LibVNC/vncterm distribution through 0.9.10. Missing...
CVE-2018-7225 Medium Yes Information disclosure
An issue was discovered in LibVNCServer through 0.9.11. rfbProcessClientNormalMessage() in rfbserver.c does not sanitize msg.cct.length, leading to access...