CVE-2016-9941 log
Source |
|
Severity | Critical |
Remote | Yes |
Type | Arbitrary code execution |
Description | A heap-based buffer overflow has been discovered in rfbproto.c in the LibVNCClient part of LibVNCServer before 0.9.11 allows remote servers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted FramebufferUpdate message containing a subrectangle outside of the client drawing area. |
Group | Package | Affected | Fixed | Severity | Status | Ticket |
---|---|---|---|---|---|---|
AVG-124 | libvncserver | 0.9.10-4 | 0.9.11-1 | Critical | Fixed | FS#52481 |
Date | Advisory | Group | Package | Severity | Type |
---|---|---|---|---|---|
13 Jan 2017 | ASA-201701-20 | AVG-124 | libvncserver | Critical | arbitrary code execution |
References |
---|
https://github.com/LibVNC/libvncserver/pull/137 |