CVE-2020-25708 – libvncserver: libvncserver/rfbserver.c has a divide by zero which could result in DoS
https://notcve.org/view.php?id=CVE-2020-25708
A divide by zero issue was found to occur in libvncserver-0.9.12. A malicious client could use this flaw to send a specially crafted message that, when processed by the VNC server, would lead to a floating point exception, resulting in a denial of service. Se encontró un problema de división por cero en libvncserver-0.9.12. Un cliente malicioso podría usar este fallo para enviar un mensaje especialmente diseñado que, cuando se procesaba mediante el servidor VNC, conduciría a una excepción de punto flotante, resultando en una denegación de servicio A divide by zero flaw was found in libvncserver. This flaw allows a malicious client to send a specially crafted message that, when processed by the VNC server, leads to a floating-point exception, resulting in a denial of service. • https://bugzilla.redhat.com/show_bug.cgi?id=1896739 https://lists.debian.org/debian-lts-announce/2022/09/msg00035.html https://access.redhat.com/security/cve/CVE-2020-25708 • CWE-369: Divide By Zero •
CVE-2020-14396
https://notcve.org/view.php?id=CVE-2020-14396
An issue was discovered in LibVNCServer before 0.9.13. libvncclient/tls_openssl.c has a NULL pointer dereference. Se detectó un problema en LibVNCServer versiones anteriores a 0.9.13. La biblioteca libvncclient/tls_openssl.c presenta una desreferencia del puntero NULL • https://cert-portal.siemens.com/productcert/pdf/ssa-390195.pdf https://github.com/LibVNC/libvncserver/commit/33441d90a506d5f3ae9388f2752901227e430553 https://github.com/LibVNC/libvncserver/compare/LibVNCServer-0.9.12...LibVNCServer-0.9.13 https://usn.ubuntu.com/4434-1 • CWE-476: NULL Pointer Dereference •
CVE-2020-14397 – libvncserver: libvncserver/rfbregion.c has a NULL pointer dereference
https://notcve.org/view.php?id=CVE-2020-14397
An issue was discovered in LibVNCServer before 0.9.13. libvncserver/rfbregion.c has a NULL pointer dereference. Se detectó un problema en LibVNCServer versiones anteriores a 0.9.13. La biblioteca libvncserver/rfbregion.c presenta una desreferencia del puntero NULL • http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00033.html http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00055.html http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00066.html https://cert-portal.siemens.com/productcert/pdf/ssa-390195.pdf https://github.com/LibVNC/libvncserver/commit/38e98ee61d74f5f5ab4aa4c77146faad1962d6d0 https://github.com/LibVNC/libvncserver/compare/LibVNCServer-0.9.12...LibVNCServer-0.9.13 https://lists.debian.org/debian-lts-announce/2020 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-476: NULL Pointer Dereference •
CVE-2020-14398
https://notcve.org/view.php?id=CVE-2020-14398
An issue was discovered in LibVNCServer before 0.9.13. An improperly closed TCP connection causes an infinite loop in libvncclient/sockets.c. Se detectó un problema en LibVNCServer versiones anteriores a 0.9.13. Una conexión TCP cerrada inapropiadamente causa un bucle infinito en la biblioteca libvncclient/sockets.c • http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00033.html http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00055.html http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00066.html https://cert-portal.siemens.com/productcert/pdf/ssa-390195.pdf https://github.com/LibVNC/libvncserver/commit/57433015f856cc12753378254ce4f1c78f5d9c7b https://github.com/LibVNC/libvncserver/compare/LibVNCServer-0.9.12...LibVNCServer-0.9.13 https://usn.ubuntu.com/4434-1 • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVE-2020-14399
https://notcve.org/view.php?id=CVE-2020-14399
An issue was discovered in LibVNCServer before 0.9.13. Byte-aligned data is accessed through uint32_t pointers in libvncclient/rfbproto.c. NOTE: there is reportedly "no trust boundary crossed. **EN DISPUTA** Se detectó un problema en LibVNCServer versiones anteriores a 0.9.13. Los datos Byte-aligned son accedidos por medio de punteros uint32_t en la biblioteca libvncclient/rfbproto.c. • http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00033.html http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00055.html http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00066.html https://bugzilla.redhat.com/show_bug.cgi?id=1860354 https://github.com/LibVNC/libvncserver/commit/23e5cbe6b090d7f22982aee909a6a618174d3c2d https://github.com/LibVNC/libvncserver/compare/LibVNCServer-0.9.12...LibVNCServer-0.9.13 https://lists.debian.org/debian-lts-announce/2020/06/msg000 •