CVE-2014-6051 - Integer overflow in the MallocFrameBuffer function in vncviewer.c in LibVNCServer 0.9.9 and earlier

CVE-2014-6051

Summary

Integer overflow in the MallocFrameBuffer function in vncviewer.c in LibVNCServer 0.9.9 and earlier allows remote VNC servers to cause a denial of service (crash) and possibly execute arbitrary code via an advertisement for a large screen size, which triggers a heap-based buffer overflow.

References

Vulnerable Configurations

cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_eus:6.5.z:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_eus:6.5.z:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*
cpe:2.3:a:libvncserver:libvncserver:*:*:*:*:*:*:*:*
cpe:2.3:a:libvncserver:libvncserver:*:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*
cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*

CVSS

Base:	7.5 (as of 23-10-2020 - 13:15)
Impact:
Exploitability:

CWE

CWE-189

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	PARTIAL	PARTIAL

cvss-vector via4

AV:N/AC:L/Au:N/C:P/I:P/A:P

redhat via4

advisories

rhsa

id	RHSA-2015:0113

rpms

libvncserver-0:0.9.7-7.el6_6.1
libvncserver-0:0.9.9-9.el7_0.1
libvncserver-debuginfo-0:0.9.7-7.el6_6.1
libvncserver-debuginfo-0:0.9.9-9.el7_0.1
libvncserver-devel-0:0.9.7-7.el6_6.1
libvncserver-devel-0:0.9.9-9.el7_0.1
libvncserver-0:0.9.7-7.el6_5.1
libvncserver-debuginfo-0:0.9.7-7.el6_5.1
libvncserver-devel-0:0.9.7-7.el6_5.1

refmap via4

bid	70093
confirm	http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html https://github.com/newsoft/libvncserver/commit/045a044e8ae79db9244593fbce154cdf6e843273 https://www.kde.org/info/security/advisory-20140923-1.txt
debian	DSA-3081
fedora	FEDORA-2014-11537 FEDORA-2014-11685
gentoo	GLSA-201507-07 GLSA-201612-36
misc	http://www.ocert.org/advisories/ocert-2014-007.html
mlist	[debian-lts-announce] 20191030 [SECURITY] [DLA 1979-1] italc security update [oss-security] 20140923 Multiple issues in libVNCserver [oss-security] 20140925 [oCERT-2014-007] libvncserver multiple issues
secunia	61506
suse	openSUSE-SU-2015:2207
ubuntu	USN-4587-1

Last major update

23-10-2020 - 13:15

Published

30-09-2014 - 16:55

Last modified

23-10-2020 - 13:15