CVE-2014-6051Integer Overflow or Wraparound in Libvncserver

CWE-189CWE-190Integer Overflow or WraparoundCWE-122Heap-based Buffer OverflowCWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer20 documents7 sources
Severity
7.5HIGHNVD
EPSS
6.6%
top 8.80%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
11
Libvncserver Project LibvncserverTigervncDebian Libvncserver+8 more
Timeline
PublishedSep 30
Latest updateMay 17

Description

Integer overflow in the MallocFrameBuffer function in vncviewer.c in LibVNCServer 0.9.9 and earlier allows remote VNC servers to cause a denial of service (crash) and possibly execute arbitrary code via an advertisement for a large screen size, which triggers a heap-based buffer overflow.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages9 packages

debiandebian/libvncserver< libvncserver 0.9.9+dfsg-6.1 (bookworm)
Debianlibvncserver_project/libvncserver< 0.9.9+dfsg-6.1+3
Ubuntulibvncserver_project/libvncserver< 0.9.9+dfsg-1ubuntu1.1
debiandebian/veyon< libvncserver 0.9.9+dfsg-6.1 (bookworm)

Also affects: Debian Linux 7.0, Fedora 20, 21, Enterprise Linux 6.5, 6.5.z

Patches

Patch: www.ocert.orgPatch: github.comPatch: www.ocert.org

🔴Vulnerability Details

6
GHSA
GHSA-5qgx-8v4m-83gf: Integer overflow in TigerVNC allows remote VNC servers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to2022-05-17
GHSA
GHSA-6457-9pfw-39g2: Integer overflow in the MallocFrameBuffer function in vncviewer2022-05-13
OSV
italc vulnerabilities2020-10-20
OSV
CVE-2014-8240: Integer overflow in TigerVNC allows remote VNC servers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to2014-10-16
OSV
CVE-2014-6051: Integer overflow in the MallocFrameBuffer function in vncviewer2014-09-30

📋Vendor Advisories

6
Ubuntu
iTALC vulnerabilities2020-10-20
Red Hat
tigervnc: integer overflow flaw, leading to a heap-based buffer overflow in screen size handling2014-10-10
Ubuntu
LibVNCServer vulnerabilities2014-09-29
Red Hat
libvncserver: integer overflow flaw, leading to a heap-based buffer overflow in screen size handling2014-09-23
Debian
CVE-2014-8240: tigervnc - Integer overflow in TigerVNC allows remote VNC servers to cause a denial of serv...2014

💬Community

6
Bugzilla
CVE-2014-8240 tigervnc: integer overflow flaw, leading to a heap-based buffer overflow in screen size handling2014-10-10
Bugzilla
CVE-2014-6051 CVE-2014-6053 CVE-2014-6052 CVE-2014-6055 CVE-2014-6054 krfb: various flaws [fedora-all]2014-09-24
Bugzilla
CVE-2014-6051 CVE-2014-6053 CVE-2014-6052 CVE-2014-6055 CVE-2014-6054 libvncserver: various flaws [fedora-all]2014-09-24
Bugzilla
CVE-2014-6051 CVE-2014-6053 CVE-2014-6052 CVE-2014-6055 CVE-2014-6054 libvncserver: various flaws [epel-5]2014-09-24
Bugzilla
CVE-2014-6051 CVE-2014-6053 CVE-2014-6052 CVE-2014-6055 libvncserver: various flaws [epel-7]2014-09-24
CVE-2014-6051 — Integer Overflow or Wraparound | cvebase