libvncserver
| Link | package | bugs open | bugs closed | Wiki | GitHub | web search |
| Description | Cross-platform C libraries that allow you to easily implement VNC server or client functionality |
| Version | 0.9.14-2 [extra] |
Resolved
| Group | Affected | Fixed | Severity | Status | Ticket |
|---|---|---|---|---|---|
| AVG-628 | 0.9.11-3 | 0.9.12-1 | High | Fixed | |
| AVG-124 | 0.9.10-4 | 0.9.11-1 | Critical | Fixed | FS#52481 |
| Issue | Group | Severity | Remote | Type | Description |
|---|---|---|---|---|---|
| CVE-2018-7226 | AVG-628 | High | Yes | Arbitrary code execution | An issue was discovered in vcSetXCutTextProc() in VNConsole.c in LinuxVNC and VNCommand from the LibVNC/vncterm distribution through 0.9.10. Missing... |
| CVE-2018-7225 | AVG-628 | Medium | Yes | Information disclosure | An issue was discovered in LibVNCServer through 0.9.11. rfbProcessClientNormalMessage() in rfbserver.c does not sanitize msg.cct.length, leading to access... |
| CVE-2016-9942 | AVG-124 | Critical | Yes | Arbitrary code execution | A heap-based buffer overflow has been discovered in ultra.c in LibVNCClient in LibVNCServer before 0.9.11 allows remote servers to cause a denial of service... |
| CVE-2016-9941 | AVG-124 | Critical | Yes | Arbitrary code execution | A heap-based buffer overflow has been discovered in rfbproto.c in the LibVNCClient part of LibVNCServer before 0.9.11 allows remote servers to cause a... |
Advisories
| Date | Advisory | Group | Severity | Type |
|---|---|---|---|---|
| 13 Jan 2017 | ASA-201701-20 | AVG-124 | Critical | arbitrary code execution |