purl | pkg:deb/ubuntu/libvncserver@0.9.12%2Bdfsg-9ubuntu0.1 |
Next non-vulnerable version | 0.9.12+dfsg-9ubuntu0.3 |
Latest non-vulnerable version | 0.9.12+dfsg-9ubuntu0.3 |
Risk | 3.4 |
Vulnerability | Summary | Fixed by |
---|---|---|
VCID-2yuk-ws73-aaad Aliases: CVE-2020-14396 | An issue was discovered in LibVNCServer before 0.9.13. libvncclient/tls_openssl.c has a NULL pointer dereference. | Affected by 1 other vulnerability. |
VCID-58u6-hetu-aaac Aliases: CVE-2019-20839 | libvncclient/sockets.c in LibVNCServer before 0.9.13 has a buffer overflow via a long socket filename. | Affected by 1 other vulnerability. |
VCID-dxca-z5tc-aaan Aliases: CVE-2020-14398 | An issue was discovered in LibVNCServer before 0.9.13. An improperly closed TCP connection causes an infinite loop in libvncclient/sockets.c. | Affected by 1 other vulnerability. |
VCID-frbk-ddpp-aaag Aliases: CVE-2020-14400 | An issue was discovered in LibVNCServer before 0.9.13. Byte-aligned data is accessed through uint16_t pointers in libvncserver/translate.c. NOTE: Third parties do not consider this to be a vulnerability as there is no known path of exploitation or cross of a trust boundary. | Affected by 1 other vulnerability. |
VCID-k3m4-tbee-aaar Aliases: CVE-2020-25708 | A divide by zero issue was found to occur in libvncserver-0.9.12. A malicious client could use this flaw to send a specially crafted message that, when processed by the VNC server, would lead to a floating point exception, resulting in a denial of service. | Affected by 0 other vulnerabilities. |
VCID-pnk6-ygur-aaac Aliases: CVE-2020-14403 | An issue was discovered in LibVNCServer before 0.9.13. libvncserver/hextile.c allows out-of-bounds access via encodings. | Affected by 1 other vulnerability. |
VCID-rr1x-acxw-aaaj Aliases: CVE-2020-14401 | An issue was discovered in LibVNCServer before 0.9.13. libvncserver/scale.c has a pixel_value integer overflow. | Affected by 1 other vulnerability. |
VCID-sfbs-7g9d-aaae Aliases: CVE-2020-14405 | An issue was discovered in LibVNCServer before 0.9.13. libvncclient/rfbproto.c does not limit TextChat size. | Affected by 1 other vulnerability. |
VCID-ug7x-edut-aaab Aliases: CVE-2020-14404 | An issue was discovered in LibVNCServer before 0.9.13. libvncserver/rre.c allows out-of-bounds access via encodings. | Affected by 1 other vulnerability. |
VCID-vw2e-eqq7-aaap Aliases: CVE-2020-14397 | An issue was discovered in LibVNCServer before 0.9.13. libvncserver/rfbregion.c has a NULL pointer dereference. | Affected by 1 other vulnerability. |
VCID-xfj3-nxu6-aaag Aliases: CVE-2020-14399 | An issue was discovered in LibVNCServer before 0.9.13. Byte-aligned data is accessed through uint32_t pointers in libvncclient/rfbproto.c. NOTE: there is reportedly "no trust boundary crossed." | Affected by 1 other vulnerability. |
VCID-zd9h-ppfr-aaae Aliases: CVE-2020-14402 | An issue was discovered in LibVNCServer before 0.9.13. libvncserver/corre.c allows out-of-bounds access via encodings. | Affected by 1 other vulnerability. |
Vulnerability | Summary | Aliases |
---|---|---|
VCID-56ur-wkbb-aaam | LibVNCServer 0.9.12 release and earlier contains a heap buffer overflow vulnerability within the HandleCursorShape() function in libvncclient/cursor.c. An attacker sends cursor shapes with specially crafted dimensions, which can result in remote code execution. | CVE-2019-15690 |
VCID-dppj-meh7-aaaq | TightVNC code version 1.3.10 contains a null pointer dereference in the HandleZlibBPP function, which results in Denial of Service (DoS). This attack appears to be exploitable via network connectivity. | CVE-2019-15680 |
VCID-y75q-tuag-aaam | It was discovered that websockets.c in LibVNCServer prior to 0.9.12 did not properly decode certain WebSocket frames. A malicious attacker could exploit this by sending specially crafted WebSocket frames to a server, causing a heap-based buffer overflow. | CVE-2017-18922 |