Lucene search
Veracode Vulnerability DatabaseVERACODE:26266HistoryAug 06, 2020 - 9:39 p.m.
Arbitrary Code Execution
2020-08-0621:39:44
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
15
EPSS
0.009
Percentile
82.9%
LibVNCServer is vulnerable to arbitrary code execution. An integer overflow in pixel_value in libvncserver/scale.c allows an attacker to execute arbitrary code.
References
lists.opensuse.org/opensuse-security-announce/2020-07/msg00033.html
lists.opensuse.org/opensuse-security-announce/2020-07/msg00055.html
lists.opensuse.org/opensuse-security-announce/2020-07/msg00066.html
cert-portal.siemens.com/productcert/pdf/ssa-390195.pdf
github.com/LibVNC/libvncserver/commit/a6788d1da719ae006605b78d22f5a9f170b423af
github.com/LibVNC/libvncserver/compare/LibVNCServer-0.9.12...LibVNCServer-0.9.13
lists.debian.org/debian-lts-announce/2020/06/msg00035.html
lists.debian.org/debian-lts-announce/2020/08/msg00045.html
usn.ubuntu.com/4434-1/
Related
ubuntucve
ubuntucve
CVE-2020-14401
2020-06-17 00:00:00
cve
cve
CVE-2020-14401
2020-06-17 16:15:12
prion
prion
Integer overflow
2020-06-17 16:15:00
debiancve
debiancve
CVE-2020-14401
2020-06-17 16:15:12
nvd
nvd
CVE-2020-14401
2020-06-17 16:15:12
osv
osv
CVE-2020-14401
2020-06-17 16:15:12
libvncserver - security update
2020-06-30 00:00:00
libvncserver - security update
2020-08-28 00:00:00
cvelist
cvelist
CVE-2020-14401
2020-06-17 15:12:41
redhatcve
redhatcve
CVE-2020-14401
2020-07-24 11:37:51
alpinelinux
alpinelinux
CVE-2020-14401
2020-06-17 16:15:12
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2020:14424-1)
2021-06-09 00:00:00
Debian: Security Advisory (DLA-2264-1)
2020-07-01 00:00:00
Debian: Security Advisory (DLA-2347-1)
2020-08-29 00:00:00
nessus
nessus
SUSE SLES11 Security Update : LibVNCServer (SUSE-SU-2020:14424-1)
2021-06-10 00:00:00
Debian DLA-2347-1 : libvncserver security update
2020-08-31 00:00:00
Debian DLA-2264-1 : libvncserver security update
2020-07-01 00:00:00
debian
debian
[SECURITY] [DLA 2264-1] libvncserver security update
2020-06-30 09:29:43
[SECURITY] [DLA 2347-1] libvncserver security update
2020-08-28 21:36:49
suse
suse
Security update for LibVNCServer (important)
2020-07-21 00:00:00
Security update for LibVNCServer (important)
2020-07-24 00:00:00
Security update for LibVNCServer (important)
2020-07-18 00:00:00
mageia
mageia
Updated libvncserver packages fix security vulnerability
2020-07-05 22:48:23
virtuozzo
virtuozzo
Product update: Virtuozzo Hybrid Server 7.0 Update 14 Hotfix 2 (7.0.14-258)
2020-08-19 00:00:00
ubuntu
ubuntu
LibVNCServer vulnerabilities
2020-07-23 00:00:00
ics
ics
Siemens SIMATIC ITC
2021-12-16 12:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2021-1900
2021-07-02 17:22:34