CVE-2014-6051
Published: 24 September 2014
Integer overflow in the MallocFrameBuffer function in vncviewer.c in LibVNCServer 0.9.9 and earlier allows remote VNC servers to cause a denial of service (crash) and possibly execute arbitrary code via an advertisement for a large screen size, which triggers a heap-based buffer overflow.
Notes
| Author | Note |
|---|---|
| mdeslaur | krfb is only a server, this issue is client side. |
Priority
Status
| Package | Release | Status |
|---|---|---|
|
italc Launchpad, Ubuntu, Debian |
bionic |
Released
(1:3.0.1+dfsg1-1)
|
| focal |
Does not exist
|
|
| trusty |
Does not exist
(trusty was needed)
|
|
| upstream |
Released
(1:3.0.3+dfsg1-1+deb9u1, 1:2.0.2+dfsg1-2+deb8u1)
|
|
| xenial |
Released
(1:2.0.2+dfsg1-4ubuntu0.1)
|
|
|
krfb Launchpad, Ubuntu, Debian |
lucid |
Does not exist
|
| precise |
Does not exist
|
|
| trusty |
Does not exist
(trusty was not-affected)
|
|
| upstream |
Needs triage
|
|
|
libvncserver Launchpad, Ubuntu, Debian |
lucid |
Ignored
(end of life)
|
| precise |
Released
(0.9.8.2-2ubuntu1.1)
|
|
| trusty |
Released
(0.9.9+dfsg-1ubuntu1.1)
|
|
| upstream |
Needs triage
|
|
|
Patches: upstream: https://github.com/newsoft/libvncserver/commit/045a044e8ae79db9244593fbce154cdf6e843273 upstream: https://github.com/newsoft/libvncserver/commit/85a778c0e45e87e35ee7199f1f25020648e8b812 |
||