Fluid Attacks Database

Description

LibVNC before commit 7b1ef0ffc4815cab9a96c7278394152bdc89dc4d contains heap out-of-bound write vulnerability inside structure in VNC client code that can result remote code execution

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package	Affected version	Patched versions
debian 12	libvncserver	>=0 <0.9.11+dfsg-1.2	0.9.11+dfsg-1.2
debian 14	veyon	>=0 <4.1.4+repack1-1	4.1.4+repack1-1
debian 14	libvncserver	>=0 <0.9.11+dfsg-1.2	0.9.11+dfsg-1.2
debian 11	libvncserver	>=0 <0.9.11+dfsg-1.2	0.9.11+dfsg-1.2
debian 11	veyon	>=0 <4.1.4+repack1-1	4.1.4+repack1-1
debian 12	veyon	>=0 <4.1.4+repack1-1	4.1.4+repack1-1
debian 13	veyon	>=0 <4.1.4+repack1-1	4.1.4+repack1-1
debian 14	ssvnc	>=0 <1.0.29-5	1.0.29-5
debian 11	ssvnc	>=0 <1.0.29-5	1.0.29-5
debian 13	libvncserver	>=0 <0.9.11+dfsg-1.2	0.9.11+dfsg-1.2

1-10 of 15

Aliases

1. CVE-2018-200202. NVD-2018-200203. OSV-DEBIAN-2018-200204. OSV-2018-200205. SECURITY-TRACKER-CVE-2018-20020

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.