CVE-2020-29260 libvncclient v0.9.13 was discovered to contain a memory leak via the function rfbClientCleanup().

The rfbClientCleanup() function is responsible for freeing up allocated client objects. This can be exploited to cause a denial of service condition.

CVE-2019-1897 The rfbVncServerOpen() function in libvncserver/libvncserver.c in rfbvncserver before 1.1.2 is vulnerable to a denial of service condition due to an integer overflow when parsing the privileged X11 socket’s length. A malicious client could cause rfbvncserver to crash.

CVE-2018-5373 In rfbvncserver before 1.1.2, a malicious remote user could cause rfbvncserver to crash via a crafted request (for example, a crafted RSH command) by sending a negative X-Forwarded-For value. This occurs because rfbvncserver does not properly handle the response from rfbVncServerSetRemoteForward() to the client.

CVE-2018-5372 In rfbvncserver before 1.1.2, a malicious remote user could cause rfbvncserver to crash via a crafted request (for example, a crafted RSH command) by sending a negative X-Forwarded-For value. This occurs because rfbvncserver does not properly handle the response from rfbVncServerSetRemoteForward() to the client.

CVE-2018-5370 In rfbvncserver before 1

^

CVE-2019-1897 ^ CVE-2018-5373 ^ CVE-2018-5372

The 5 most common mistakes companies make when outsourcing SEO & how to avoid them.

Timeline

Published on: 09/02/2022 23:15:00 UTC
Last modified on: 09/08/2022 03:19:00 UTC

References