CVE-2014-6055
libvncserver: server stacked-based buffer overflow flaws in file transfer handling
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
Multiple stack-based buffer overflows in the File Transfer feature in rfbserver.c in LibVNCServer 0.9.9 and earlier allow remote authenticated users to cause a denial of service (crash) and possibly execute arbitrary code via a (1) long file or (2) directory name or the (3) FileTime attribute in a rfbFileTransferOffer message.
Múltiples desbordamientos de buffer basado en pila en la caracteristica File Transfer en rfbserver.c en LibVNCServer 0.9.9 y anteriores permiten a usuarios remotos autenticados causar una denegación de servicio (caída) y posiblemente ejecutar código arbitrario a través de un (1) fichero largo o (2) nombre de directorio o el (3) atributo FileTime en un mensaje rfbFileTransferOffer.
Two stack-based buffer overflow flaws were found in the way LibVNCServer handled file transfers. A remote attacker could use this flaw to crash the VNC server using a malicious VNC client.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2014-09-01 CVE Reserved
- 2014-09-25 CVE Published
- 2023-03-15 EPSS Updated
- 2024-08-06 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
- CWE-121: Stack-based Buffer Overflow
CAPEC
References (19)
| URL | Tag | Source |
|---|---|---|
| http://seclists.org/oss-sec/2014/q3/639 | Mailing List |
|
| http://secunia.com/advisories/61506 | Third Party Advisory | |
| http://www.ocert.org/advisories/ocert-2014-007.html | Third Party Advisory | |
| http://www.openwall.com/lists/oss-security/2014/09/25/11 | Mailing List |
|
| http://www.securityfocus.com/bid/70096 | Third Party Advisory | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/96187 | Vdb Entry | |
| https://lists.debian.org/debian-lts-announce/2019/10/msg00042.html | Mailing List |
|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Fedoraproject Search vendor "Fedoraproject" | Fedora Search vendor "Fedoraproject" for product "Fedora" | 20 Search vendor "Fedoraproject" for product "Fedora" and version "20" | - |
Affected
| ||||||
| Fedoraproject Search vendor "Fedoraproject" | Fedora Search vendor "Fedoraproject" for product "Fedora" | 21 Search vendor "Fedoraproject" for product "Fedora" and version "21" | - |
Affected
| ||||||
| Debian Search vendor "Debian" | Debian Linux Search vendor "Debian" for product "Debian Linux" | 7.0 Search vendor "Debian" for product "Debian Linux" and version "7.0" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Enterprise Linux Server Aus Search vendor "Redhat" for product "Enterprise Linux Server Aus" | 6.5 Search vendor "Redhat" for product "Enterprise Linux Server Aus" and version "6.5" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Enterprise Linux Server Eus Search vendor "Redhat" for product "Enterprise Linux Server Eus" | 6.5.z Search vendor "Redhat" for product "Enterprise Linux Server Eus" and version "6.5.z" | - |
Affected
| ||||||
| Libvncserver Search vendor "Libvncserver" | Libvncserver Search vendor "Libvncserver" for product "Libvncserver" | <= 0.9.9 Search vendor "Libvncserver" for product "Libvncserver" and version " <= 0.9.9" | - |
Affected
| ||||||