CVE-2014-6051CVE-2014-6051

Affected configuration(s):

cpe:/a:libvncserver:libvncserver:0.9.9
cpe:/o:debian:debian_linux:7.0
cpe:/o:fedoraproject:fedora:20
cpe:/o:fedoraproject:fedora:21
cpe:/o:oracle:solaris:11.3
cpe:/o:redhat:enterprise_linux_server_aus:6.5
cpe:/o:redhat:enterprise_linux_server_eus:6.5.z

Date published: 2014-09-30T12:55:07.010-04:00

Date last modified: 2017-06-30T21:29:07.157-04:00

CVSS Score: 7.5

Principal attack vector: NETWORK

Complexity:  LOW

Reference URL: http://lists.fedoraproject.org/pipermail/package-announce/2014-October/139654.html

Summary: Integer overflow in the MallocFrameBuffer function in vncviewer.c in LibVNCServer 0.9.9 and earlier allows remote VNC servers to cause a denial of service (crash) and possibly execute arbitrary code via an advertisement for a large screen size, which triggers a heap-based buffer overflow.

CategoriesUncategorised

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.