Debian Libvncserver vulnerabilities

45 known vulnerabilities affecting debian/libvncserver.

Total CVEs
45
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL11HIGH20MEDIUM10LOW4

Vulnerabilities

Page 3 of 3
CVE-2014-6053MEDIUMCVSS 5.0fixed in libvncserver 0.9.9+dfsg-6.1 (bookworm)2014
CVE-2014-6053 [MEDIUM] CVE-2014-6053: libvncserver - The rfbProcessClientNormalMessage function in libvncserver/rfbserver.c in LibVNC... The rfbProcessClientNormalMessage function in libvncserver/rfbserver.c in LibVNCServer 0.9.9 and earlier does not properly handle attempts to send a large amount of ClientCutText data, which allows remote attackers to cause a denial of service (memory consumption or daemon crash) via a crafted message that is processed by using a single unchecked malloc. Scope:
debian
CVE-2014-6054MEDIUMCVSS 4.3fixed in libvncserver 0.9.9+dfsg-6.1 (bookworm)2014
CVE-2014-6054 [MEDIUM] CVE-2014-6054: libvncserver - The rfbProcessClientNormalMessage function in libvncserver/rfbserver.c in LibVNC... The rfbProcessClientNormalMessage function in libvncserver/rfbserver.c in LibVNCServer 0.9.9 and earlier allows remote attackers to cause a denial of service (divide-by-zero error and server crash) via a zero value in the scaling factor in a (1) PalmVNCSetScaleFactor or (2) SetScale message. Scope: local bookworm: resolved (fixed in 0.9.9+dfsg-6.1) bullseye: re
debian
CVE-2011-0905LOWCVSS 3.5fixed in vino 2.28.2-3 (bookworm)2011
CVE-2011-0905 [LOW] CVE-2011-0905: libvncserver - The rfbSendFramebufferUpdate function in server/libvncserver/rfbserver.c in vino... The rfbSendFramebufferUpdate function in server/libvncserver/rfbserver.c in vino-server in Vino 2.x before 2.28.3, 2.32.x before 2.32.2, 3.0.x before 3.0.2, and 3.1.x before 3.1.1, when tight encoding is used, allows remote authenticated users to cause a denial of service (daemon crash) via crafted dimensions in a framebuffer update request that triggers an out-of
debian
CVE-2011-0904LOWCVSS 3.5fixed in vino 2.28.2-3 (bookworm)2011
CVE-2011-0904 [LOW] CVE-2011-0904: libvncserver - The rfbSendFramebufferUpdate function in server/libvncserver/rfbserver.c in vino... The rfbSendFramebufferUpdate function in server/libvncserver/rfbserver.c in vino-server in Vino 2.x before 2.28.3, 2.32.x before 2.32.2, 3.0.x before 3.0.2, and 3.1.x before 3.1.1, when raw encoding is used, allows remote authenticated users to cause a denial of service (daemon crash) via a large (1) X position or (2) Y position value in a framebuffer update reque
debian
CVE-2006-2450HIGHCVSS 7.5fixed in libvncserver 0.8.2-1 (bookworm)2006
CVE-2006-2450 [HIGH] CVE-2006-2450: libvncserver - auth.c in LibVNCServer 0.7.1 allows remote attackers to bypass authentication vi... auth.c in LibVNCServer 0.7.1 allows remote attackers to bypass authentication via a request in which the client specifies an insecure security type such as "Type 1 - None", which is accepted even if it is not offered by the server, a different issue than CVE-2006-2369. Scope: local bookworm: resolved (fixed in 0.8.2-1) bullseye: resolved (fixed in 0.8.2-1) forky:
debian
← Previous3 / 3
Debian Libvncserver vulnerabilities | cvebase