LibVNC before commit a83439b9fbe0f03c48eb94ed05729cb016f8b72f contains multiple heap out-of-bound write vulnerabilities in VNC client code that can result remote code execution
References
Link | Resource |
---|---|
https://cert-portal.siemens.com/productcert/pdf/ssa-390195.pdf | Patch Third Party Advisory |
https://ics-cert.kaspersky.com/advisories/klcert-advisories/2018/12/19/klcert-18-029-libvnc-multiple-heap-out-of-bound-vulnerabilities/ | Broken Link |
https://lists.debian.org/debian-lts-announce/2018/12/msg00017.html | Mailing List Third Party Advisory |
https://lists.debian.org/debian-lts-announce/2019/10/msg00042.html | Mailing List Third Party Advisory |
https://security.gentoo.org/glsa/201908-05 | Third Party Advisory |
https://usn.ubuntu.com/3877-1/ | Third Party Advisory |
https://usn.ubuntu.com/4547-1/ | Third Party Advisory |
https://usn.ubuntu.com/4587-1/ | Third Party Advisory |
https://www.debian.org/security/2019/dsa-4383 | Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: Kaspersky
Published: 2018-12-19T16:00:00
Updated: 2021-12-14T13:06:15
Reserved: 2018-12-10T00:00:00
Link: CVE-2018-20019
JSON object: View
NVD Information
Status : Analyzed
Published: 2018-12-19T16:29:00.343
Modified: 2022-03-31T19:48:43.987
Link: CVE-2018-20019
JSON object: View
Redhat Information
No data.
CWE