Page 8 of 38 results (0.005 seconds)

CVSS: 6.0EPSS: 88%CPEs: 4EXPL: 0

CVE-2014-6054 – libvncserver: server divide-by-zero flaw in scaling factor handling

https://notcve.org/view.php?id=CVE-2014-6054

The rfbProcessClientNormalMessage function in libvncserver/rfbserver.c in LibVNCServer 0.9.9 and earlier allows remote attackers to cause a denial of service (divide-by-zero error and server crash) via a zero value in the scaling factor in a (1) PalmVNCSetScaleFactor or (2) SetScale message. La función rfbProcessClientNormalMessage en libvncserver/rfbserver.c en LibVNCServer 0.9.9 y anteriores permite a atacantes remotos causar una denegación de servicio (error de la división por cero y caída del servidor) a través de un valor cero en el factor de escalado en un mensaje (1) PalmVNCSetScaleFactor o (2) SetScale. A divide-by-zero flaw was found in the way LibVNCServer handled the scaling factor when it was set to "0". A remote attacker could use this flaw to crash the VNC server using a malicious VNC client. • http://lists.opensuse.org/opensuse-updates/2015-12/msg00022.html http://seclists.org/oss-sec/2014/q3/639 http://secunia.com/advisories/61506 http://secunia.com/advisories/61682 http://www.debian.org/security/2014/dsa-3081 http://www.ocert.org/advisories/ocert-2014-007.html http://www.openwall.com/lists/oss-security/2014/09/25/11 http://www.securityfocus.com/bid/70094 http://www.ubuntu.com/usn/USN-2365-1 https://github.com/newsoft/libvncserver/commit/05a9bd41a8ec • CWE-189: Numeric Errors CWE-369: Divide By Zero •

CVSS: 6.5EPSS: 2%CPEs: 6EXPL: 0

CVE-2014-6055 – libvncserver: server stacked-based buffer overflow flaws in file transfer handling

https://notcve.org/view.php?id=CVE-2014-6055

Multiple stack-based buffer overflows in the File Transfer feature in rfbserver.c in LibVNCServer 0.9.9 and earlier allow remote authenticated users to cause a denial of service (crash) and possibly execute arbitrary code via a (1) long file or (2) directory name or the (3) FileTime attribute in a rfbFileTransferOffer message. Múltiples desbordamientos de buffer basado en pila en la caracteristica File Transfer en rfbserver.c en LibVNCServer 0.9.9 y anteriores permiten a usuarios remotos autenticados causar una denegación de servicio (caída) y posiblemente ejecutar código arbitrario a través de un (1) fichero largo o (2) nombre de directorio o el (3) atributo FileTime en un mensaje rfbFileTransferOffer. Two stack-based buffer overflow flaws were found in the way LibVNCServer handled file transfers. A remote attacker could use this flaw to crash the VNC server using a malicious VNC client. • http://lists.fedoraproject.org/pipermail/package-announce/2014-October/139654.html http://lists.fedoraproject.org/pipermail/package-announce/2014-September/139445.html http://lists.opensuse.org/opensuse-updates/2015-12/msg00022.html http://rhn.redhat.com/errata/RHSA-2015-0113.html http://seclists.org/oss-sec/2014/q3/639 http://secunia.com/advisories/61506 http://www.debian.org/security/2014/dsa-3081 http://www.ocert.org/advisories/ocert-2014-007.html http://www.openwall.com/lists& • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-121: Stack-based Buffer Overflow •

CVSS: 7.5EPSS: 5%CPEs: 1EXPL: 0

CVE-2006-2450

https://notcve.org/view.php?id=CVE-2006-2450

auth.c in LibVNCServer 0.7.1 allows remote attackers to bypass authentication via a request in which the client specifies an insecure security type such as "Type 1 - None", which is accepted even if it is not offered by the server, a different issue than CVE-2006-2369. auth.c en LibVNCServer 0.7.1 permite a atacantes remotos evitar la validación a través de una respuesta en la cual el cliente especifica un tipo de seguridad insegura como por ejemplo "Tipo 1 - None", el cual es aceptado siempre aunque no es ofrecida por el servidor, un asunto diferente que CVE-2006-2369. • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=376824 http://libvncserver.cvs.sourceforge.net/libvncserver/libvncserver/libvncserver/auth.c?r1=1.11&r2=1.14&diff_format=u http://seclists.org/fulldisclosure/2022/May/29 http://secunia.com/advisories/20940 http://secunia.com/advisories/21179 http://secunia.com/advisories/21349 http://secunia.com/advisories/21393 http://secunia.com/advisories/21405 http://secunia.com/advisories/24525 http://security.gentoo.org/glsa/glsa-200608-05 •