PT-2019-1356 · Libvnc+3 · Libvnc+4

Pavel Cheremushkin

Publicado

2019-01-07

Atualizado

2022-03-10

CVE-2018-20750

CVSS v2.0

Crítica

Vetor

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions LibVNC through 0.9.12

Description The issue is related to a heap out-of-bounds write vulnerability in the rfbserver.c component of the LibVNCServer library. This vulnerability can be exploited by a remote attacker to cause a denial of service and gain unauthorized access to sensitive data.

Recommendations For LibVNC through 0.9.12, consider applying the necessary patches or fixes to address the incomplete fix for the issue. As a temporary workaround, restrict access to the vulnerable rfbserver.c component to minimize the risk of exploitation.

Exploit

Correção

Memory Corruption

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-787

Identificadores relacionados

ALT-PU-2019-2585

ALT-PU-2019-2662

ALT-PU-2021-1040

BDU:2019-00704

CVE-2018-20750

DLA-1652-1

DLA-1979-1

MGASA-2019-0070

MGASA-2020-0435

OPENSUSE-SU-2019:0196-1

OPENSUSE-SU-2019_0196-1

OPENSUSE-SU-2019_0200-1

OPENSUSE-SU-2024:10598-1

SUSE-SU-2019:0283-1

SUSE-SU-2019:0313-1

SUSE-SU-2019:0313-2

SUSE-SU-2019:13952-1

USN-3877-1

USN-4547-1

USN-4587-1

Produtos afetados

Alt Linux

Libvnc

Libvncserver

Suse

Ubuntu

PT-2019-1356 · Libvnc+3 · Libvnc+4

CVE-2018-20750

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 73