Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntucveUbuntu.comUB:CVE-2014-6051
HistorySep 24, 2014 - 12:00 a.m.

CVE-2014-6051

2014-09-2400:00:00
ubuntu.com
ubuntu.com
14

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

EPSS

0.01

Percentile

83.7%

JSON

Integer overflow in the MallocFrameBuffer function in vncviewer.c in
LibVNCServer 0.9.9 and earlier allows remote VNC servers to cause a denial
of service (crash) and possibly execute arbitrary code via an advertisement
for a large screen size, which triggers a heap-based buffer overflow.

Notes

Author Note
mdeslaur krfb is only a server, this issue is client side.
OSVersionArchitecturePackageVersionFilename
ubuntu18.04noarchitalc< 1:3.0.1+dfsg1-1UNKNOWN
ubuntu16.04noarchitalc< 1:2.0.2+dfsg1-4ubuntu0.1UNKNOWN
ubuntu12.04noarchlibvncserver< 0.9.8.2-2ubuntu1.1UNKNOWN
ubuntu14.04noarchlibvncserver< 0.9.9+dfsg-1ubuntu1.1UNKNOWN

Related

veracode 4
cvelist 2
debiancve 2
prion 2
cve 2
nvd 2
gentoo 2
nessus 25
ubuntucve 1
redhat 2
openvas 18
securityvulns 2
debian 3
archlinux 1
ubuntu 2
freebsd 1
centos 1
osv 4
mageia 1
fedora 4
oraclelinux 1
veracode
veracode
Denial Of Service (DoS)
2019-01-15 09:02:54
Arbitrary Code Execution
2019-05-02 05:04:38
Arbitrary Code Execution
2019-05-02 05:04:38
cvelist
cvelist
CVE-2014-6051
2014-09-30 16:00:00
CVE-2014-8240
2014-10-16 19:00:00
debiancve
debiancve
CVE-2014-6051
2014-09-30 16:55:07
CVE-2014-8240
2014-10-16 19:55:14
prion
prion
Integer overflow
2014-09-30 16:55:00
Integer overflow
2014-10-16 19:55:00
cve
cve
CVE-2014-6051
2014-09-30 16:55:07
CVE-2014-8240
2014-10-16 19:55:14
nvd
nvd
CVE-2014-6051
2014-09-30 16:55:07
CVE-2014-8240
2014-10-16 19:55:14
gentoo
gentoo
TigerVNC: Integer overflow
2016-12-13 00:00:00
LibVNCServer: Multiple vulnerabilities
2015-07-07 00:00:00
nessus
nessus
GLSA-201612-36 : TigerVNC: Integer overflow
2016-12-13 00:00:00
RHEL 6 : libvncserver (RHSA-2015:0113)
2015-02-03 00:00:00
RHEL 5 : vnc (Unpatched Vulnerability)
2024-06-03 00:00:00
ubuntucve
ubuntucve
CVE-2014-6052
2014-09-24 00:00:00
redhat
redhat
(RHSA-2015:0113) Moderate: libvncserver security update
2015-02-02 00:00:00
(RHSA-2014:1826) Moderate: libvncserver security update
2014-11-11 00:00:00
openvas
openvas
Mageia: Security Advisory (MGASA-2014-0397)
2022-01-28 00:00:00
Debian: Security Advisory (DSA-3081-1)
2014-11-28 00:00:00
Gentoo Security Advisory GLSA 201507-07
2015-09-29 00:00:00
securityvulns
securityvulns
[oCERT-2014-007] libvncserver multiple issues
2014-09-29 00:00:00
libvncserver multiple security vulnerabilities
2014-09-29 00:00:00
debian
debian
[SECURITY] [DSA 3081-1] libvncserver security update
2014-11-29 15:21:35
[SECURITY] [DLA 197-1] libvncserver security update
2015-04-14 16:05:48
[SECURITY] [DLA 1979-1] italc security update
2019-10-30 22:21:35
archlinux
archlinux
libvncserver: remote code execution, denial of service
2014-10-24 00:00:00
ubuntu
ubuntu
LibVNCServer vulnerabilities
2014-09-29 00:00:00
iTALC vulnerabilities
2020-10-20 00:00:00
freebsd
freebsd
libvncserver -- multiple security vulnerabilities
2014-09-23 00:00:00
centos
centos
libvncserver security update
2014-11-11 18:36:28
osv
osv
libvncserver - security update
2015-04-14 00:00:00
libvncserver - security update
2014-11-29 00:00:00
italc vulnerabilities
2020-10-20 16:35:20
mageia
mageia
Updated libvncserver & remmina packages fix security vulnerabilities
2014-10-07 13:22:51
fedora
fedora
[SECURITY] Fedora 20 Update: libvncserver-0.9.10-0.6.20140718git9453be42.fc20
2014-09-29 04:06:45
[SECURITY] Fedora 21 Update: libvncserver-0.9.10-0.6.20140718git9453be42.fc21
2014-10-01 04:23:42
[SECURITY] Fedora 19 Update: libvncserver-0.9.10-0.6.20140718git9453be42.fc19
2014-10-04 03:25:16
oraclelinux
oraclelinux
libvncserver security update
2014-11-11 00:00:00

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

EPSS

0.01

Percentile

83.7%

JSON
Related for UB:CVE-2014-6051
veracode4cvelist2debiancve2prion2cve2nvd2gentoo2nessus25ubuntucve1redhat2openvas18securityvulns2debian3archlinux1ubuntu2freebsd1centos1osv4mageia1fedora4oraclelinux1