Show filters
41 Total Results
Displaying 31-40 of 41
Sort by:
Attacker Value
Unknown
CVE-2018-15127
Disclosure Date: December 19, 2018 (last updated November 27, 2024)
LibVNC before commit 502821828ed00b4a2c4bef90683d0fd88ce495de contains heap out-of-bound write vulnerability in server code of file transfer extension that can result remote code execution
0
Attacker Value
Unknown
CVE-2018-20024
Disclosure Date: December 19, 2018 (last updated November 27, 2024)
LibVNC before commit 4a21bbd097ef7c44bb000c3bd0907f96a10e4ce7 contains null pointer dereference in VNC client code that can result DoS.
0
Attacker Value
Unknown
CVE-2018-7225
Disclosure Date: February 19, 2018 (last updated November 26, 2024)
An issue was discovered in LibVNCServer through 0.9.11. rfbProcessClientNormalMessage() in rfbserver.c does not sanitize msg.cct.length, leading to access to uninitialized and potentially sensitive data or possibly unspecified other impact (e.g., an integer overflow) via specially crafted VNC packets.
0
Attacker Value
Unknown
CVE-2016-9942
Disclosure Date: December 31, 2016 (last updated November 25, 2024)
Heap-based buffer overflow in ultra.c in LibVNCClient in LibVNCServer before 0.9.11 allows remote servers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted FramebufferUpdate message with the Ultra type tile, such that the LZO payload decompressed length exceeds what is specified by the tile dimensions.
0
Attacker Value
Unknown
CVE-2016-9941
Disclosure Date: December 31, 2016 (last updated November 25, 2024)
Heap-based buffer overflow in rfbproto.c in LibVNCClient in LibVNCServer before 0.9.11 allows remote servers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted FramebufferUpdate message containing a subrectangle outside of the client drawing area.
0
Attacker Value
Unknown
CVE-2014-6052
Disclosure Date: December 15, 2014 (last updated October 05, 2023)
The HandleRFBServerMessage function in libvncclient/rfbproto.c in LibVNCServer 0.9.9 and earlier does not check certain malloc return values, which allows remote VNC servers to cause a denial of service (application crash) or possibly execute arbitrary code by specifying a large screen size in a (1) FramebufferUpdate, (2) ResizeFrameBuffer, or (3) PalmVNCReSizeFrameBuffer message.
0
Attacker Value
Unknown
CVE-2014-6053
Disclosure Date: December 15, 2014 (last updated October 05, 2023)
The rfbProcessClientNormalMessage function in libvncserver/rfbserver.c in LibVNCServer 0.9.9 and earlier does not properly handle attempts to send a large amount of ClientCutText data, which allows remote attackers to cause a denial of service (memory consumption or daemon crash) via a crafted message that is processed by using a single unchecked malloc.
0
Attacker Value
Unknown
CVE-2014-6054
Disclosure Date: October 06, 2014 (last updated October 05, 2023)
The rfbProcessClientNormalMessage function in libvncserver/rfbserver.c in LibVNCServer 0.9.9 and earlier allows remote attackers to cause a denial of service (divide-by-zero error and server crash) via a zero value in the scaling factor in a (1) PalmVNCSetScaleFactor or (2) SetScale message.
0
Attacker Value
Unknown
CVE-2014-6051
Disclosure Date: September 30, 2014 (last updated October 05, 2023)
Integer overflow in the MallocFrameBuffer function in vncviewer.c in LibVNCServer 0.9.9 and earlier allows remote VNC servers to cause a denial of service (crash) and possibly execute arbitrary code via an advertisement for a large screen size, which triggers a heap-based buffer overflow.
0
Attacker Value
Unknown
CVE-2014-6055
Disclosure Date: September 30, 2014 (last updated October 05, 2023)
Multiple stack-based buffer overflows in the File Transfer feature in rfbserver.c in LibVNCServer 0.9.9 and earlier allow remote authenticated users to cause a denial of service (crash) and possibly execute arbitrary code via a (1) long file or (2) directory name or the (3) FileTime attribute in a rfbFileTransferOffer message.
0
