PT-2011-2750 · Gnome+2 · Vino+2

Publicado

2011-05-10

·

Atualizado

2024-06-15

·

CVE-2011-0905

CVSS v2.0

3.5

Baixa

VetorAV:N/AC:M/Au:S/C:N/I:N/A:P
Name of the Vulnerable Software and Affected Versions Vino versions 2.x before 2.28.3 Vino versions 2.32.x before 2.32.2 Vino versions 3.0.x before 3.0.2 Vino versions 3.1.x before 3.1.1
Description The issue allows remote authenticated users to cause a denial of service, resulting in a daemon crash. This is achieved by sending crafted dimensions in a framebuffer update request, which triggers an out-of-bounds read operation when tight encoding is used.
Recommendations For Vino versions 2.x before 2.28.3, update to version 2.28.3 or later. For Vino versions 2.32.x before 2.32.2, update to version 2.32.2 or later. For Vino versions 3.0.x before 3.0.2, update to version 3.0.2 or later. For Vino versions 3.1.x before 3.1.1, update to version 3.1.1 or later.

Correção

DoS

Buffer Overflow

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-119

Identificadores relacionados

CESA-2013_0169
CVE-2011-0905
DSA-2238-1
OPENSUSE-SU-2024:10047-1
RHSA-2013:0169
RHSA-2013_0169

Produtos afetados

Centos
Red Hat
Vino