rpm package
suse/LibVNCServer&distro=SUSE Linux Enterprise Workstation Extension 15 SP2
pkg:rpm/suse/LibVNCServer&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2015%20SP2
Vulnerabilities (11)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2020-25708 | Hig | 7.5 | < 0.9.10-4.25.1 | 0.9.10-4.25.1 | Nov 27, 2020 | A divide by zero issue was found to occur in libvncserver-0.9.12. A malicious client could use this flaw to send a specially crafted message that, when processed by the VNC server, would lead to a floating point exception, resulting in a denial of service. | |
| CVE-2017-18922 | Cri | 9.8 | < 0.9.10-4.19.1 | 0.9.10-4.19.1 | Jun 30, 2020 | It was discovered that websockets.c in LibVNCServer prior to 0.9.12 did not properly decode certain WebSocket frames. A malicious attacker could exploit this by sending specially crafted WebSocket frames to a server, causing a heap-based buffer overflow. | |
| CVE-2020-14402 | Med | 5.4 | < 0.9.10-4.22.1 | 0.9.10-4.22.1 | Jun 17, 2020 | An issue was discovered in LibVNCServer before 0.9.13. libvncserver/corre.c allows out-of-bounds access via encodings. | |
| CVE-2020-14401 | Med | 6.5 | < 0.9.10-4.22.1 | 0.9.10-4.22.1 | Jun 17, 2020 | An issue was discovered in LibVNCServer before 0.9.13. libvncserver/scale.c has a pixel_value integer overflow. | |
| CVE-2020-14400 | Hig | 7.5 | < 0.9.10-4.22.1 | 0.9.10-4.22.1 | Jun 17, 2020 | An issue was discovered in LibVNCServer before 0.9.13. Byte-aligned data is accessed through uint16_t pointers in libvncserver/translate.c. NOTE: Third parties do not consider this to be a vulnerability as there is no known path of exploitation or cross of a trust boundary | |
| CVE-2020-14399 | Hig | 7.5 | < 0.9.10-4.22.1 | 0.9.10-4.22.1 | Jun 17, 2020 | An issue was discovered in LibVNCServer before 0.9.13. Byte-aligned data is accessed through uint32_t pointers in libvncclient/rfbproto.c. NOTE: there is reportedly "no trust boundary crossed. | |
| CVE-2020-14398 | Hig | 7.5 | < 0.9.10-4.22.1 | 0.9.10-4.22.1 | Jun 17, 2020 | An issue was discovered in LibVNCServer before 0.9.13. An improperly closed TCP connection causes an infinite loop in libvncclient/sockets.c. | |
| CVE-2020-14397 | Hig | 7.5 | < 0.9.10-4.22.1 | 0.9.10-4.22.1 | Jun 17, 2020 | An issue was discovered in LibVNCServer before 0.9.13. libvncserver/rfbregion.c has a NULL pointer dereference. | |
| CVE-2019-20840 | Hig | 7.5 | < 0.9.10-4.22.1 | 0.9.10-4.22.1 | Jun 17, 2020 | An issue was discovered in LibVNCServer before 0.9.13. libvncserver/ws_decode.c can lead to a crash because of unaligned accesses in hybiReadAndDecode. | |
| CVE-2019-20839 | Hig | 7.5 | < 0.9.10-4.22.1 | 0.9.10-4.22.1 | Jun 17, 2020 | libvncclient/sockets.c in LibVNCServer before 0.9.13 has a buffer overflow via a long socket filename. | |
| CVE-2018-21247 | Hig | 7.5 | < 0.9.10-4.22.1 | 0.9.10-4.22.1 | Jun 17, 2020 | An issue was discovered in LibVNCServer before 0.9.13. There is an information leak (of uninitialized memory contents) in the libvncclient/rfbproto.c ConnectToRFBRepeater function. |
- affected < 0.9.10-4.25.1fixed 0.9.10-4.25.1
A divide by zero issue was found to occur in libvncserver-0.9.12. A malicious client could use this flaw to send a specially crafted message that, when processed by the VNC server, would lead to a floating point exception, resulting in a denial of service.
- affected < 0.9.10-4.19.1fixed 0.9.10-4.19.1
It was discovered that websockets.c in LibVNCServer prior to 0.9.12 did not properly decode certain WebSocket frames. A malicious attacker could exploit this by sending specially crafted WebSocket frames to a server, causing a heap-based buffer overflow.
- affected < 0.9.10-4.22.1fixed 0.9.10-4.22.1
An issue was discovered in LibVNCServer before 0.9.13. libvncserver/corre.c allows out-of-bounds access via encodings.
- affected < 0.9.10-4.22.1fixed 0.9.10-4.22.1
An issue was discovered in LibVNCServer before 0.9.13. libvncserver/scale.c has a pixel_value integer overflow.
- affected < 0.9.10-4.22.1fixed 0.9.10-4.22.1
An issue was discovered in LibVNCServer before 0.9.13. Byte-aligned data is accessed through uint16_t pointers in libvncserver/translate.c. NOTE: Third parties do not consider this to be a vulnerability as there is no known path of exploitation or cross of a trust boundary
- affected < 0.9.10-4.22.1fixed 0.9.10-4.22.1
An issue was discovered in LibVNCServer before 0.9.13. Byte-aligned data is accessed through uint32_t pointers in libvncclient/rfbproto.c. NOTE: there is reportedly "no trust boundary crossed.
- affected < 0.9.10-4.22.1fixed 0.9.10-4.22.1
An issue was discovered in LibVNCServer before 0.9.13. An improperly closed TCP connection causes an infinite loop in libvncclient/sockets.c.
- affected < 0.9.10-4.22.1fixed 0.9.10-4.22.1
An issue was discovered in LibVNCServer before 0.9.13. libvncserver/rfbregion.c has a NULL pointer dereference.
- affected < 0.9.10-4.22.1fixed 0.9.10-4.22.1
An issue was discovered in LibVNCServer before 0.9.13. libvncserver/ws_decode.c can lead to a crash because of unaligned accesses in hybiReadAndDecode.
- affected < 0.9.10-4.22.1fixed 0.9.10-4.22.1
libvncclient/sockets.c in LibVNCServer before 0.9.13 has a buffer overflow via a long socket filename.
- affected < 0.9.10-4.22.1fixed 0.9.10-4.22.1
An issue was discovered in LibVNCServer before 0.9.13. There is an information leak (of uninitialized memory contents) in the libvncclient/rfbproto.c ConnectToRFBRepeater function.