Fluid Attacks Database

Description

LibVNCServer versions 0.9.15 and prior (fixed in commit dc78dee) contain null pointer dereference vulnerabilities in the HTTP proxy handlers within httpProcessInput() in httpd.c that allow remote attackers to cause a denial of service by sending specially crafted HTTP requests. Attackers can exploit missing validation of strchr() return values in the CONNECT and GET proxy handling paths to trigger null pointer dereferences and crash the server when httpd and proxy features are enabled.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package	Affected version	Patched versions
rpm rhel9	gnome-remote-desktop	-	-
rpm rhel6	libvncserver	-	-
rpm rhel8	libvncserver	-	-
debian 11	libvncserver	=0.9.13+dfsg-2 \|\| =0.9.13+dfsg-2+deb11u1 \|\| =0.9.13+dfsg-3 \|\| =0.9.13+dfsg-4 \|\| =0.9.13+dfsg-5 \|\| =0.9.14+dfsg-1 \|\| =0.9.15+dfsg-1 \|\| =0.9.15+dfsg-2 \|\| =0.9.15+dfsg-3 \|\| =0.9.15+dfsg-4	-
debian 12	libvncserver	=0.9.14+dfsg-1 \|\| >=0 <0.9.14+dfsg-1+deb12u1	0.9.14+dfsg-1+deb12u1
debian 13	libvncserver	=0.9.15+dfsg-1 \|\| >=0 <0.9.15+dfsg-1+deb13u1	0.9.15+dfsg-1+deb13u1
debian 14	libvncserver	=0.9.15+dfsg-1 \|\| =0.9.15+dfsg-2 \|\| >=0 <0.9.15+dfsg-3	0.9.15+dfsg-3

Aliases

1. CVE-2026-328542. NVD-2026-328543. OSV-2026-328544. OSV-DEBIAN-2026-328545. SECURITY-TRACKER-CVE-2026-32854

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.