CVE-2010-5304

Name of the Vulnerable Software and Affected Versions LibVNCServer versions prior to 0.9.9

Description A NULL pointer dereference flaw was found in the way LibVNCServer handled certain ClientCutText messages. A remote attacker could use this flaw to crash the VNC server by sending a specially crafted ClientCutText message from a VNC client.

Recommendations For versions prior to 0.9.9, update to version 0.9.9 or later to resolve the issue. As a temporary workaround, consider restricting access to the VNC server to minimize the risk of exploitation.