Search for packages
| purl | pkg:deb/ubuntu/krfb@4:4.12.90-0ubuntu1 |
| Next non-vulnerable version | 4:4.13.97-0ubuntu2 |
| Latest non-vulnerable version | 4:4.13.97-0ubuntu2 |
| Risk | 10.0 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-1f7b-k679-aaah
Aliases: CVE-2014-6054 |
The rfbProcessClientNormalMessage function in libvncserver/rfbserver.c in LibVNCServer 0.9.9 and earlier allows remote attackers to cause a denial of service (divide-by-zero error and server crash) via a zero value in the scaling factor in a (1) PalmVNCSetScaleFactor or (2) SetScale message. |
Affected by 1 other vulnerability. |
|
VCID-72b4-1brz-aaaj
Aliases: CVE-2014-4607 |
Integer overflow in the LZO algorithm variant in Oberhumer liblzo2 and lzo-2 before 2.07 on 32-bit platforms might allow remote attackers to execute arbitrary code via a crafted Literal Run. |
Affected by 0 other vulnerabilities. |
|
VCID-9v5m-a7zv-aaab
Aliases: CVE-2014-6053 |
The rfbProcessClientNormalMessage function in libvncserver/rfbserver.c in LibVNCServer 0.9.9 and earlier does not properly handle attempts to send a large amount of ClientCutText data, which allows remote attackers to cause a denial of service (memory consumption or daemon crash) via a crafted message that is processed by using a single unchecked malloc. |
Affected by 1 other vulnerability. |
|
VCID-a5c7-yy5f-aaan
Aliases: CVE-2014-6055 |
Multiple stack-based buffer overflows in the File Transfer feature in rfbserver.c in LibVNCServer 0.9.9 and earlier allow remote authenticated users to cause a denial of service (crash) and possibly execute arbitrary code via a (1) long file or (2) directory name or the (3) FileTime attribute in a rfbFileTransferOffer message. |
Affected by 1 other vulnerability. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|