LibVNC before commit 73cb96fec028a576a5a24417b57723b55854ad7b contains heap use-after-free vulnerability in server code of file transfer extension that can result remote code execution
References
Link | Resource |
---|---|
https://ics-cert.kaspersky.com/advisories/klcert-advisories/2018/12/19/klcert-18-027-libvnc-heap-use-after-free/ | Third Party Advisory |
https://lists.debian.org/debian-lts-announce/2019/01/msg00029.html | Mailing List Third Party Advisory |
https://lists.debian.org/debian-lts-announce/2019/10/msg00042.html | |
https://usn.ubuntu.com/3877-1/ | Third Party Advisory |
https://www.debian.org/security/2019/dsa-4383 | Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: Kaspersky
Published: 2018-12-19T16:00:00
Updated: 2019-10-31T00:06:44
Reserved: 2018-08-06T00:00:00
Link: CVE-2018-15126
JSON object: View
NVD Information
Status : Modified
Published: 2018-12-19T16:29:00.247
Modified: 2019-10-31T01:15:11.747
Link: CVE-2018-15126
JSON object: View
Redhat Information
No data.
CWE