Lucene search
Veracode Vulnerability DatabaseVERACODE:8086HistoryDec 27, 2018 - 6:45 a.m.
Memory Leak
2018-12-2706:45:25
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
9
EPSS
0.005
Percentile
77.2%
libvncserver.so is susceptible to memory leak. The attack exists because initialization of rfbClientCutTextMsg and rfbKeyEventMsg are not done properly ,allowing to read stack memory.
References
ics-cert.kaspersky.com/advisories/klcert-advisories/2018/12/19/klcert-18-032-libvnc-multiple-memory-leaks/
lists.debian.org/debian-lts-announce/2018/12/msg00017.html
lists.debian.org/debian-lts-announce/2019/10/msg00042.html
lists.debian.org/debian-lts-announce/2019/11/msg00033.html
lists.debian.org/debian-lts-announce/2019/12/msg00028.html
security.gentoo.org/glsa/201908-05
security.gentoo.org/glsa/202006-06
usn.ubuntu.com/3877-1/
usn.ubuntu.com/4547-1/
usn.ubuntu.com/4547-2/
usn.ubuntu.com/4587-1/
www.debian.org/security/2019/dsa-4383
Related
osv
osv
CVE-2018-20022
2018-12-19 16:29:00
ssvnc - security update
2019-11-29 00:00:00
ssvnc vulnerabilities
2020-09-28 19:52:43
cvelist
cvelist
CVE-2018-20022
2018-12-19 16:00:00
cve
cve
CVE-2018-20022
2018-12-19 16:29:00
debiancve
debiancve
CVE-2018-20022
2018-12-19 16:29:00
ubuntucve
ubuntucve
CVE-2018-20022
2018-12-19 00:00:00
prion
prion
Information disclosure
2018-12-19 16:29:00
nvd
nvd
CVE-2018-20022
2018-12-19 16:29:00
redhatcve
redhatcve
CVE-2018-20022
2018-12-20 07:22:22
gentoo
gentoo
ssvnc: Multiple vulnerabilities
2020-06-13 00:00:00
LibVNCServer: Multiple vulnerabilities
2019-08-09 00:00:00
debian
debian
[SECURITY] [DLA 2016-1] ssvnc security update
2019-11-29 15:53:54
[SECURITY] [DLA 1617-1] libvncserver security update
2018-12-27 03:53:08
[SECURITY] [DSA 4383-1] libvncserver security update
2019-02-03 20:52:03
nessus
nessus
GLSA-202006-06 : ssvnc: Multiple vulnerabilities
2020-06-17 00:00:00
Debian DLA-2016-1 : ssvnc security update
2019-12-03 00:00:00
Ubuntu 16.04 LTS : SSVNC vulnerabilities (USN-4547-2)
2020-09-29 00:00:00
openvas
openvas
Debian: Security Advisory (DLA-2016-1)
2019-11-30 00:00:00
Ubuntu: Security Advisory (USN-4547-2)
2020-09-29 00:00:00
Huawei EulerOS: Security Advisory for libvncserver (EulerOS-SA-2019-1033)
2020-01-23 00:00:00
ubuntu
ubuntu
SSVNC vulnerabilities
2020-09-28 00:00:00
LibVNCServer vulnerabilities
2019-01-31 00:00:00
iTALC vulnerabilities
2020-09-28 00:00:00
mageia
mageia
Updated libvncserver & x11vnc packages fix security vulnerabilities
2019-01-16 01:15:34
Updated italc packages fix security vulnerabilities
2020-11-23 22:51:37
suse
suse
Security update for LibVNCServer (important)
2019-01-18 00:00:00
Security update for LibVNCServer (important)
2019-01-12 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2021-1900
2021-07-02 17:22:34