QwikSec

Security Database

CVE

CWE

Training

CVE-2014-6055

Published: Sep 30, 2014

Modified: Aug 6, 2024

PUBLISHED

Description

Multiple stack-based buffer overflows in the File Transfer feature in rfbserver.c in LibVNCServer 0.9.9 and earlier allow remote authenticated users to cause a denial of service (crash) and possibly execute arbitrary code via a (1) long file or (2) directory name or the (3) FileTime attribute in a rfbFileTransferOffer message.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

http://www.ocert.org/advisories/ocert-2014-007.html

x_refsource_MISC

openSUSE-SU-2015:2207

vendor-advisory

x_refsource_SUSE

third-party-advisory

x_refsource_SECUNIA

https://www.kde.org/info/security/advisory-20140923-1.txt

x_refsource_CONFIRM

vendor-advisory

x_refsource_REDHAT

https://github.com/newsoft/libvncserver/commit/f528072216dec01cee7ca35d94e171a3b909e677

x_refsource_CONFIRM

[oss-security] 20140925 [oCERT-2014-007] libvncserver multiple issues

mailing-list

x_refsource_MLIST

[oss-security] 20140923 Multiple issues in libVNCserver

mailing-list

x_refsource_MLIST

vendor-advisory

x_refsource_GENTOO

vdb-entry

x_refsource_BID

vendor-advisory

x_refsource_DEBIAN

libvncserver-cve20146055-bo(96187)

vdb-entry

x_refsource_XF

FEDORA-2014-11537

vendor-advisory

x_refsource_FEDORA

https://github.com/newsoft/libvncserver/commit/06ccdf016154fde8eccb5355613ba04c59127b2e

x_refsource_CONFIRM

FEDORA-2014-11685

vendor-advisory

x_refsource_FEDORA

[debian-lts-announce] 20191030 [SECURITY] [DLA 1979-1] italc security update

mailing-list

x_refsource_MLIST

vendor-advisory

x_refsource_UBUNTU

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.