CVE-2016-9941 log
| Source |
|
| Severity | Critical |
| Remote | Yes |
| Type | Arbitrary code execution |
| Description | A heap-based buffer overflow has been discovered in rfbproto.c in the LibVNCClient part of LibVNCServer before 0.9.11 allows remote servers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted FramebufferUpdate message containing a subrectangle outside of the client drawing area. |
| Group | Package | Affected | Fixed | Severity | Status | Ticket |
|---|---|---|---|---|---|---|
| AVG-124 | libvncserver | 0.9.10-4 | 0.9.11-1 | Critical | Fixed | FS#52481 |
| Date | Advisory | Group | Package | Severity | Type |
|---|---|---|---|---|---|
| 13 Jan 2017 | ASA-201701-20 | AVG-124 | libvncserver | Critical | arbitrary code execution |
| References |
|---|
https://github.com/LibVNC/libvncserver/pull/137 |