An issue was discovered in LibVNCServer through 0.9.11. rfbProcessClientNormalMessage() in rfbserver.c does not sanitize msg.cct.length, leading to access to uninitialized and potentially sensitive data or possibly unspecified other impact (e.g., an integer overflow) via specially crafted VNC packets.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
|
History
No history.
Information
Published : 2018-02-19 15:29
Updated : 2024-11-21 04:11
NVD link : CVE-2018-7225
Mitre link : CVE-2018-7225
CVE.ORG link : CVE-2018-7225
JSON object : View
Products Affected
redhat
- enterprise_linux_workstation
- enterprise_linux_server_aus
- enterprise_linux_server_eus
- enterprise_linux_desktop
- enterprise_linux_server
- enterprise_linux_server_tus
debian
- debian_linux
canonical
- ubuntu_linux
libvncserver_project
- libvncserver
CWE
CWE-190
Integer Overflow or Wraparound