CVE-2010-5304
published 2020-02-05CVE-2010-5304: A NULL pointer dereference flaw was found in the way LibVNCServer before 0.9.9 handled certain ClientCutText message. A remote attacker could use this flaw to…
PriorityP340high7.5CVSS 3.1
AVNACLPRNUINSUCNINAH
EPSS
3.12%
86.2th percentile
A NULL pointer dereference flaw was found in the way LibVNCServer before 0.9.9 handled certain ClientCutText message. A remote attacker could use this flaw to crash the VNC server by sending a specially crafted ClientCutText message from a VNC client.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| fedoraproject | fedora | — | — |
| fedoraproject | fedora | — | — |
| fedoraproject | fedora | — | — |
| libvncserver_project | libvncserver | < 0.9.9 | 0.9.9 |
CVSS provenance
nvdv3.17.5HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
nvdv2.05.0MEDIUMAV:N/AC:L/Au:N/C:N/I:N/A:P
vendor_redhat7.5HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-2wpx-v6qf-p32x: A NULL pointer dereference flaw was found in the way LibVNCServer before 0
ghsa_unreviewed·2022-04-21
CVE-2010-5304 [HIGH] CWE-476 GHSA-2wpx-v6qf-p32x: A NULL pointer dereference flaw was found in the way LibVNCServer before 0
A NULL pointer dereference flaw was found in the way LibVNCServer before 0.9.9 handled certain ClientCutText message. A remote attacker could use this flaw to crash the VNC server by sending a specially crafted ClientCutText message from a VNC client.
Red Hat
realvnc: Null pointer dereference flaw in ClientCutText message handling
vendor_redhat·2014-09-23·CVSS 7.5
CVE-2010-5304 [HIGH] CWE-476 realvnc: Null pointer dereference flaw in ClientCutText message handling
realvnc: Null pointer dereference flaw in ClientCutText message handling
A NULL pointer dereference flaw was found in the way LibVNCServer before 0.9.9 handled certain ClientCutText message. A remote attacker could use this flaw to crash the VNC server by sending a specially crafted ClientCutText message from a VNC client.
A flaw was found in realvnc. LibVNCServer, in versions prior to 0.9.9, contain a NULL pointer dereference when handling certain ClientCutText messages which could be used by a remote attacker to crash the VNC server. The highest threat from this vulnerability is to system availability.
Statement: This flaw is in RealVNC shipped with Red Hat Enterprise Linux 5. A similar flaw was also found in LibVNCServer and was assigned CVE-2014-6053
Package: vnc (Red Hat Enterpris
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2010-5304 realvnc: Null pointer dereference flaw in ClientCutText message handling
bugzilla·2020-02-19·CVSS 7.5
CVE-2010-5304 [HIGH] CVE-2010-5304 realvnc: Null pointer dereference flaw in ClientCutText message handling
CVE-2010-5304 realvnc: Null pointer dereference flaw in ClientCutText message handling
A NULL pointer dereference flaw was found in the way LibVNCServer before 0.9.9 handled certain ClientCutText message. A remote attacker could use this flaw to crash the VNC server by sending a specially crafted ClientCutText message from a VNC client.
Reference:
http://www.openwall.com/lists/oss-security/2014/09/23/6
This libVNCServer flaw was assigned CVE-2014-6053. A similar flaw was found in RealVNC server which has been assigned CVE-2010-5304.
Discussion:
https://packetstormsecurity.com/files/89160/RealVNC-VNC-Server-Free-Edition-4.1.3-Denial-Of-Service.html contains instructions for reproducing this flaw.
---
External References:
https://packetstormsecurity.com/files/89160/RealVNC-VNC-Server
Bugzilla
CVE-2014-6053 libvncserver: server NULL pointer dereference flaw in ClientCutText message handling
bugzilla·2014-09-19·CVSS 7.5
CVE-2014-6053 [HIGH] CVE-2014-6053 libvncserver: server NULL pointer dereference flaw in ClientCutText message handling
CVE-2014-6053 libvncserver: server NULL pointer dereference flaw in ClientCutText message handling
A NULL pointer dereference flaw was reported in LibVNCServer's ClientCutText message handling. A VNC client could use this flaw to cause the VNC server to crash.
Upstream commit:
https://github.com/newsoft/libvncserver/commit/6037a9074d52b1963c97cb28ea1096c7c14cbf28
Discussion:
Acknowledgements:
Red Hat would like to thank oCERT for reporting this issue. oCERT acknowledges Nicolas RUFF as the original reporter.
---
Public now:
http://seclists.org/oss-sec/2014/q3/639
---
Created libvncserver tracking bugs for this issue:
Affects: fedora-all [bug 1145878]
Affects: epel-5 [bug 1145879]
Affects: epel-7 [bug 1145880]
---
Created krfb tracking bugs for this issue:
Affects: fedora-all
http://lists.fedoraproject.org/pipermail/package-announce/2014-October/139654.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2014-October/139814.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2014-October/140219.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2014-September/139445.htmlhttp://seclists.org/oss-sec/2014/q3/639http://www.openwall.com/lists/oss-security/2014/09/23/6http://lists.fedoraproject.org/pipermail/package-announce/2014-October/139654.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2014-October/139814.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2014-October/140219.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2014-September/139445.htmlhttp://seclists.org/oss-sec/2014/q3/639http://www.openwall.com/lists/oss-security/2014/09/23/6
2020-02-05
Published