Heap-based buffer overflow in rfbproto.c in LibVNCClient in LibVNCServer prior to 0.9.11 allows remote servers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted FramebufferUpdate message containing a subrectangle outside of the client drawing area.
Vulnerable product: libvncserver project libvncserver
Debian plugs overflow vuln
An important fix for libvncserver has landed in Debian and on the library's GitHub page. Late in 2016, a bug emerged in the VNC libraries that left clients vulnerable to malicious servers. As the Debian advisory states, the fix addresses two bugs: CVE-2016-9941 and CVE-2016-9942. The libraries incorrectly handled incoming packets, leading to heap-based buffer overflows. Clients could be attacked either for denial of service or potentially for remote code execution. The folks at libvncserver pus...
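The defect described above is a missing bounds check on the rectangle header of a FramebufferUpdate message. The C below is an added illustration, not LibVNCServer's own code or its patch: it parses the RFB rectangle header (x, y, width, height as big-endian U16 followed by an S32 encoding type, per RFC 6143) and rejects any rectangle that does not fit inside the client's framebuffer; the 640x480 framebuffer and the sample header bytes are constructed for the demonstration.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* One rectangle header of an RFB FramebufferUpdate (RFC 6143, 7.6.1). */
typedef struct {
    uint16_t x, y, w, h;
    int32_t encoding;
} rfb_rect_t;

static uint16_t rd_u16(const uint8_t *p) { return (uint16_t)((p[0] << 8) | p[1]); }
static int32_t rd_s32(const uint8_t *p) {
    return (int32_t)(((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
                     ((uint32_t)p[2] << 8) | (uint32_t)p[3]);
}

/* Parse a 12-byte rectangle header; false if the buffer is too short. */
bool rfb_parse_rect(const uint8_t *buf, size_t len, rfb_rect_t *out) {
    if (buf == NULL || out == NULL || len < 12) return false;
    out->x = rd_u16(buf);     out->y = rd_u16(buf + 2);
    out->w = rd_u16(buf + 4); out->h = rd_u16(buf + 6);
    out->encoding = rd_s32(buf + 8);
    return true;
}

/* The check a client must make before writing pixel data: the rectangle has
 * to lie entirely inside the client's framebuffer. Sums are done in uint32_t
 * so two U16 values cannot wrap. Pseudo-encodings that reuse these fields for
 * other purposes (e.g. DesktopSize) must be handled before this check. */
bool rfb_rect_in_framebuffer(const rfb_rect_t *r, uint32_t fb_w, uint32_t fb_h) {
    return (uint32_t)r->x + r->w <= fb_w && (uint32_t)r->y + r->h <= fb_h;
}

/* Constructed sample: a 640x480 client receives a 16x16 Raw rectangle placed
 * at (632, 0), i.e. 8 pixels past the right edge. Returns true if rejected. */
bool demo_rejects_out_of_bounds_rect(void) {
    static const uint8_t hdr[12] = { 0x02, 0x78, 0x00, 0x00,   /* x=632, y=0  */
                                     0x00, 0x10, 0x00, 0x10,   /* w=16,  h=16 */
                                     0x00, 0x00, 0x00, 0x00 }; /* encoding 0  */
    rfb_rect_t r;
    if (!rfb_parse_rect(hdr, sizeof hdr, &r)) return false;
    return !rfb_rect_in_framebuffer(&r, 640, 480);
}

int main(void) {
    printf("out-of-bounds rectangle rejected: %s\n",
           demo_rejects_out_of_bounds_rect() ? "yes" : "no");
    return 0;
}
```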