libvncserver

Link package | bugs open | bugs closed | Wiki | GitHub | web search
Description Cross-platform C libraries that allow you to easily implement VNC server or client functionality
Version 0.9.11-3 [extra]

Open

Group Affected Fixed Severity Status Ticket
AVG-628 0.9.11-3 High Vulnerable
Issue Group Severity Remote Type Description
CVE-2018-7226 AVG-628 High Yes Arbitrary code execution
An issue was discovered in vcSetXCutTextProc() in VNConsole.c in LinuxVNC and VNCommand from the LibVNC/vncterm distribution through 0.9.10. Missing...
CVE-2018-7225 AVG-628 Medium Yes Information disclosure
An issue was discovered in LibVNCServer through 0.9.11. rfbProcessClientNormalMessage() in rfbserver.c does not sanitize msg.cct.length, leading to access...

Resolved

Group Affected Fixed Severity Status Ticket
AVG-124 0.9.10-4 0.9.11-1 Critical Fixed FS#52481
Issue Group Severity Remote Type Description
CVE-2016-9942 AVG-124 Critical Yes Arbitrary code execution
A heap-based buffer overflow has been discovered in ultra.c in LibVNCClient in LibVNCServer before 0.9.11 allows remote servers to cause a denial of service...
CVE-2016-9941 AVG-124 Critical Yes Arbitrary code execution
A heap-based buffer overflow has been discovered in rfbproto.c in the LibVNCClient part of LibVNCServer before 0.9.11 allows remote servers to cause a...

Advisories

Date Advisory Group Severity Description
13 Jan 2017 ASA-201701-20 AVG-124 Critical arbitrary code execution