Explore top 10 tips to secure your open-source projects now. Read More
×
CVE-2014-6051
Integer overflow in the MallocFrameBuffer function in vncviewer.c in
LibVNCServer allowed remote VNC servers to cause a denial of service
(crash) and possibly executed arbitrary code via an advertisement for
a large screen size, which triggered a heap-based buffer overflow.
CVE-2014-6052
The HandleRFBServerMessage function in libvncclient/rfbproto.c in
LibVNCServer did not check certain malloc return values, which
allowed remote VNC servers to cause a denial of service (application
crash) or possibly execute arbitrary code by specifying a large
screen size in a (1) FramebufferUpdate, (2) ResizeFrameBuffer, or (3)
PalmVNCReSizeFrameBuffer message.
CVE-2014-6053
The rfbProcessClientNormalMessage function in
libvncserver/rfbserver.c in LibVNCServer did not properly handle
attempts to send a large amount of ClientCutText data, which allowed
remote attackers to cause a denial of service (memory consumption or
Get the latest Linux and open source security news straight to your inbox.