CPE-0AE955EB-5C14-43CD-B3F2-05231EB34BEC Detail

CPE Details

LibVNCServer Project LibVNCServer 0.9.8

Vendor

libvncserver_project

Product

libvncserver

Version

0.9.8

Created

2019-09-26
10h08 +00:00

Modified

2019-09-26
10h08 +00:00

Official links

CPE NVD

Alerte pour un CPE

Stay informed of any changes for a specific CPE.

Notifications manage

List of Notifications

Alerte pour un CPE

Stay informed of any changes for a specific CPE.

Parameters

You can specify a title that will be retrieved in the alerts that will be sent out.

CPE ID

Planning

Month

Next run calculation

Day

Weekday

Hour

Minute

Creation date

Last execution

Next execution

Functionality requiring a connection

This feature, which allows you to receive alerts, is only active when you are logged into your account.

CPE Name: cpe:2.3:a:libvncserver_project:libvncserver:0.9.8:::::::*

Informations

Vendor

libvncserver_project

Product

libvncserver

Version

0.9.8

Related CVE

Open and find in CVE List

CVE ID	Published	Description	Score	Severity
CVE-2017-18922	2020-06-30 09h00 +00:00	It was discovered that websockets.c in LibVNCServer prior to 0.9.12 did not properly decode certain WebSocket frames. A malicious attacker could exploit this by sending specially crafted WebSocket frames to a server, causing a heap-based buffer overflow.	9.8	Critical
CVE-2020-14399	2020-06-17 13h12 +00:00	An issue was discovered in LibVNCServer before 0.9.13. Byte-aligned data is accessed through uint32_t pointers in libvncclient/rfbproto.c. NOTE: there is reportedly "no trust boundary crossed.	7.5	High
CVE-2020-14400	2020-06-17 13h12 +00:00	An issue was discovered in LibVNCServer before 0.9.13. Byte-aligned data is accessed through uint16_t pointers in libvncserver/translate.c. NOTE: Third parties do not consider this to be a vulnerability as there is no known path of exploitation or cross of a trust boundary	7.5	High
CVE-2020-14401	2020-06-17 13h12 +00:00	An issue was discovered in LibVNCServer before 0.9.13. libvncserver/scale.c has a pixel_value integer overflow.	6.5	Medium
CVE-2010-5304	2020-02-05 18h35 +00:00	A NULL pointer dereference flaw was found in the way LibVNCServer before 0.9.9 handled certain ClientCutText message. A remote attacker could use this flaw to crash the VNC server by sending a specially crafted ClientCutText message from a VNC client.	7.5	High
CVE-2018-7225	2018-02-19 14h00 +00:00	An issue was discovered in LibVNCServer through 0.9.11. rfbProcessClientNormalMessage() in rfbserver.c does not sanitize msg.cct.length, leading to access to uninitialized and potentially sensitive data or possibly unspecified other impact (e.g., an integer overflow) via specially crafted VNC packets.	9.8	Critical
CVE-2016-9941	2016-12-31 17h00 +00:00	Heap-based buffer overflow in rfbproto.c in LibVNCClient in LibVNCServer before 0.9.11 allows remote servers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted FramebufferUpdate message containing a subrectangle outside of the client drawing area.	9.8	Critical

LibVNCServer Project LibVNCServer 0.9.8

CPE Details

CPE Name: cpe:2.3:a:libvncserver_project:libvncserver:0.9.8:*:*:*:*:*:*:*

Informations

Vendor

Product

Version

Related CVE

CPE Name: cpe:2.3:a:libvncserver_project:libvncserver:0.9.8:::::::*