Filtered by vendor Libvncserver
Subscriptions
Total
6 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-2450 | 1 Libvncserver | 1 Libvncserver | 2022-05-13 | N/A |
| auth.c in LibVNCServer 0.7.1 allows remote attackers to bypass authentication via a request in which the client specifies an insecure security type such as "Type 1 - None", which is accepted even if it is not offered by the server, a different issue than CVE-2006-2369. | ||||
| CVE-2014-6055 | 4 Debian, Fedoraproject, Libvncserver and 1 more | 5 Debian Linux, Fedora, Libvncserver and 2 more | 2020-10-23 | N/A |
| Multiple stack-based buffer overflows in the File Transfer feature in rfbserver.c in LibVNCServer 0.9.9 and earlier allow remote authenticated users to cause a denial of service (crash) and possibly execute arbitrary code via a (1) long file or (2) directory name or the (3) FileTime attribute in a rfbFileTransferOffer message. | ||||
| CVE-2014-6054 | 3 Canonical, Debian, Libvncserver | 3 Ubuntu Linux, Debian Linux, Libvncserver | 2020-10-23 | N/A |
| The rfbProcessClientNormalMessage function in libvncserver/rfbserver.c in LibVNCServer 0.9.9 and earlier allows remote attackers to cause a denial of service (divide-by-zero error and server crash) via a zero value in the scaling factor in a (1) PalmVNCSetScaleFactor or (2) SetScale message. | ||||
| CVE-2014-6053 | 3 Canonical, Debian, Libvncserver | 3 Ubuntu Linux, Debian Linux, Libvncserver | 2020-10-23 | N/A |
| The rfbProcessClientNormalMessage function in libvncserver/rfbserver.c in LibVNCServer 0.9.9 and earlier does not properly handle attempts to send a large amount of ClientCutText data, which allows remote attackers to cause a denial of service (memory consumption or daemon crash) via a crafted message that is processed by using a single unchecked malloc. | ||||
| CVE-2014-6052 | 4 Canonical, Debian, Libvncserver and 1 more | 4 Ubuntu Linux, Debian Linux, Libvncserver and 1 more | 2020-10-23 | N/A |
| The HandleRFBServerMessage function in libvncclient/rfbproto.c in LibVNCServer 0.9.9 and earlier does not check certain malloc return values, which allows remote VNC servers to cause a denial of service (application crash) or possibly execute arbitrary code by specifying a large screen size in a (1) FramebufferUpdate, (2) ResizeFrameBuffer, or (3) PalmVNCReSizeFrameBuffer message. | ||||
| CVE-2014-6051 | 5 Debian, Fedoraproject, Libvncserver and 2 more | 6 Debian Linux, Fedora, Libvncserver and 3 more | 2020-10-23 | N/A |
| Integer overflow in the MallocFrameBuffer function in vncviewer.c in LibVNCServer 0.9.9 and earlier allows remote VNC servers to cause a denial of service (crash) and possibly execute arbitrary code via an advertisement for a large screen size, which triggers a heap-based buffer overflow. | ||||
Page 1 of 1.