Lucene search

K
cveMitreCVE-2011-0905
HistoryMay 10, 2011 - 6:55 p.m.

CVE-2011-0905

2011-05-1018:55:01
CWE-119
mitre
web.nvd.nist.gov
55
vino server
remote authenticated users
denial of service
cve-2011-0905
security vulnerability

CVSS2

3.5

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:S/C:N/I:N/A:P

AI Score

8.5

Confidence

High

EPSS

0.011

Percentile

84.5%

The rfbSendFramebufferUpdate function in server/libvncserver/rfbserver.c in vino-server in Vino 2.x before 2.28.3, 2.32.x before 2.32.2, 3.0.x before 3.0.2, and 3.1.x before 3.1.1, when tight encoding is used, allows remote authenticated users to cause a denial of service (daemon crash) via crafted dimensions in a framebuffer update request that triggers an out-of-bounds read operation.

Affected configurations

Nvd
Node
david_kingvinoMatch2.10
OR
david_kingvinoMatch2.11
OR
david_kingvinoMatch2.12
OR
david_kingvinoMatch2.13
OR
david_kingvinoMatch2.13.5
OR
david_kingvinoMatch2.14
OR
david_kingvinoMatch2.15
OR
david_kingvinoMatch2.16
OR
david_kingvinoMatch2.17
OR
david_kingvinoMatch2.17.2
OR
david_kingvinoMatch2.17.4
OR
david_kingvinoMatch2.17.5
OR
david_kingvinoMatch2.17.92
OR
david_kingvinoMatch2.18
OR
david_kingvinoMatch2.18.1
OR
david_kingvinoMatch2.19
OR
david_kingvinoMatch2.19.5
OR
david_kingvinoMatch2.19.90
OR
david_kingvinoMatch2.19.92
OR
david_kingvinoMatch2.20
OR
david_kingvinoMatch2.20.1
OR
david_kingvinoMatch2.21
OR
david_kingvinoMatch2.21.1
OR
david_kingvinoMatch2.21.2
OR
david_kingvinoMatch2.21.3
OR
david_kingvinoMatch2.21.90
OR
david_kingvinoMatch2.21.91
OR
david_kingvinoMatch2.21.92
OR
david_kingvinoMatch2.22
OR
david_kingvinoMatch2.22.1
OR
david_kingvinoMatch2.22.2
OR
david_kingvinoMatch2.23
OR
david_kingvinoMatch2.23.5
OR
david_kingvinoMatch2.23.90
OR
david_kingvinoMatch2.23.91
OR
david_kingvinoMatch2.23.92
OR
david_kingvinoMatch2.24
OR
david_kingvinoMatch2.24.1
OR
david_kingvinoMatch2.25
OR
david_kingvinoMatch2.25.3
OR
david_kingvinoMatch2.25.4
OR
david_kingvinoMatch2.25.5
OR
david_kingvinoMatch2.25.90
OR
david_kingvinoMatch2.25.91
OR
david_kingvinoMatch2.25.92
OR
david_kingvinoMatch2.26
OR
david_kingvinoMatch2.26.1
OR
david_kingvinoMatch2.26.2
OR
david_kingvinoMatch2.27
OR
david_kingvinoMatch2.27.5
OR
david_kingvinoMatch2.27.90
OR
david_kingvinoMatch2.27.91
OR
david_kingvinoMatch2.27.92
OR
david_kingvinoMatch2.28
OR
david_kingvinoMatch2.28.1
OR
david_kingvinoMatch2.28.2
OR
david_kingvinoMatch2.32.0
OR
david_kingvinoMatch2.32.1
OR
david_kingvinoMatch3.0.0
OR
david_kingvinoMatch3.0.1
OR
david_kingvinoMatch3.1
VendorProductVersionCPE
david_kingvino2.19.5cpe:/a:david_king:vino:2.19.5:::
david_kingvino2.17.2cpe:/a:david_king:vino:2.17.2:::
david_kingvino2.24cpe:/a:david_king:vino:2.24:::
david_kingvino2.20.1cpe:/a:david_king:vino:2.20.1:::
david_kingvino2.17.4cpe:/a:david_king:vino:2.17.4:::
david_kingvino3.0.0cpe:/a:david_king:vino:3.0.0:::
david_kingvino2.27.91cpe:/a:david_king:vino:2.27.91:::
david_kingvino2.25.90cpe:/a:david_king:vino:2.25.90:::
david_kingvino2.16cpe:/a:david_king:vino:2.16:::
david_kingvino2.23.5cpe:/a:david_king:vino:2.23.5:::
Rows per page:
1-10 of 611

References

CVSS2

3.5

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:S/C:N/I:N/A:P

AI Score

8.5

Confidence

High

EPSS

0.011

Percentile

84.5%