VulnerableCode Package Details - pkg:deb/ubuntu/libvncserver@0.9.11%2Bdfsg-1.3ubuntu0.1

Search for packages

Package details: pkg:deb/ubuntu/libvncserver@0.9.11%2Bdfsg-1.3ubuntu0.1

Essentials
History (0)

purl	pkg:deb/ubuntu/libvncserver@0.9.11%2Bdfsg-1.3ubuntu0.1

Next non-vulnerable version	0.9.12+dfsg-9ubuntu0.3
Latest non-vulnerable version	0.9.12+dfsg-9ubuntu0.3
Risk	3.4

Vulnerabilities affecting this package (12)

Vulnerability	Summary	Fixed by
VCID-2yuk-ws73-aaad Aliases: CVE-2020-14396	An issue was discovered in LibVNCServer before 0.9.13. libvncclient/tls_openssl.c has a NULL pointer dereference.	0.9.12+dfsg-9ubuntu0.2 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-58u6-hetu-aaac Aliases: CVE-2019-20839	libvncclient/sockets.c in LibVNCServer before 0.9.13 has a buffer overflow via a long socket filename.	0.9.12+dfsg-9ubuntu0.2 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-dxca-z5tc-aaan Aliases: CVE-2020-14398	An issue was discovered in LibVNCServer before 0.9.13. An improperly closed TCP connection causes an infinite loop in libvncclient/sockets.c.	0.9.12+dfsg-9ubuntu0.2 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-frbk-ddpp-aaag Aliases: CVE-2020-14400	An issue was discovered in LibVNCServer before 0.9.13. Byte-aligned data is accessed through uint16_t pointers in libvncserver/translate.c. NOTE: Third parties do not consider this to be a vulnerability as there is no known path of exploitation or cross of a trust boundary	0.9.12+dfsg-9ubuntu0.2 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-k3m4-tbee-aaar Aliases: CVE-2020-25708	A divide by zero issue was found to occur in libvncserver-0.9.12. A malicious client could use this flaw to send a specially crafted message that, when processed by the VNC server, would lead to a floating point exception, resulting in a denial of service.	0.9.12+dfsg-9ubuntu0.3 Affected by 0 other vulnerabilities.
VCID-pnk6-ygur-aaac Aliases: CVE-2020-14403	An issue was discovered in LibVNCServer before 0.9.13. libvncserver/hextile.c allows out-of-bounds access via encodings.	0.9.12+dfsg-9ubuntu0.2 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-rr1x-acxw-aaaj Aliases: CVE-2020-14401	An issue was discovered in LibVNCServer before 0.9.13. libvncserver/scale.c has a pixel_value integer overflow.	0.9.12+dfsg-9ubuntu0.2 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-sfbs-7g9d-aaae Aliases: CVE-2020-14405	An issue was discovered in LibVNCServer before 0.9.13. libvncclient/rfbproto.c does not limit TextChat size.	0.9.12+dfsg-9ubuntu0.2 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-ug7x-edut-aaab Aliases: CVE-2020-14404	An issue was discovered in LibVNCServer before 0.9.13. libvncserver/rre.c allows out-of-bounds access via encodings.	0.9.12+dfsg-9ubuntu0.2 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-vw2e-eqq7-aaap Aliases: CVE-2020-14397	An issue was discovered in LibVNCServer before 0.9.13. libvncserver/rfbregion.c has a NULL pointer dereference.	0.9.12+dfsg-9ubuntu0.2 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-xfj3-nxu6-aaag Aliases: CVE-2020-14399	An issue was discovered in LibVNCServer before 0.9.13. Byte-aligned data is accessed through uint32_t pointers in libvncclient/rfbproto.c. NOTE: there is reportedly "no trust boundary crossed.	0.9.12+dfsg-9ubuntu0.2 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-zd9h-ppfr-aaae Aliases: CVE-2020-14402	An issue was discovered in LibVNCServer before 0.9.13. libvncserver/corre.c allows out-of-bounds access via encodings.	0.9.12+dfsg-9ubuntu0.2 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}

Vulnerabilities fixed by this package (5)

Vulnerability	Summary	Aliases
VCID-4rxj-kz9j-aaac	libvncclient/cursor.c in LibVNCServer through 0.9.12 has a HandleCursorShape integer overflow and heap-based buffer overflow via a large height or width value. NOTE: this may overlap CVE-2019-15690.	CVE-2019-20788
VCID-56ur-wkbb-aaam	LibVNCServer 0.9.12 release and earlier contains heap buffer overflow vulnerability within the HandleCursorShape() function in libvncclient/cursor.c. An attacker sends cursor shapes with specially crafted dimensions, which can result in remote code execution.	CVE-2019-15690
VCID-dppj-meh7-aaaq	TightVNC code version 1.3.10 contains null pointer dereference in HandleZlibBPP function, which results Denial of System (DoS). This attack appear to be exploitable via network connectivity.	CVE-2019-15680
VCID-tnv1-3t49-aaam	LibVNC commit before d01e1bb4246323ba6fcee3b82ef1faa9b1dac82a contains a memory leak (CWE-655) in VNC server code, which allow an attacker to read stack memory and can be abused for information disclosure. Combined with another vulnerability, it can be used to leak stack memory and bypass ASLR. This attack appear to be exploitable via network connectivity. These vulnerabilities have been fixed in commit d01e1bb4246323ba6fcee3b82ef1faa9b1dac82a.	CVE-2019-15681
VCID-y75q-tuag-aaam	It was discovered that websockets.c in LibVNCServer prior to 0.9.12 did not properly decode certain WebSocket frames. A malicious attacker could exploit this by sending specially crafted WebSocket frames to a server, causing a heap-based buffer overflow.	CVE-2017-18922

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version