CVE-2018-20748

Published: Jan 30, 2019

Modified: Aug 5, 2024

PUBLISHED

Description

LibVNC before 0.9.12 contains multiple heap out-of-bounds write vulnerabilities in libvncclient/rfbproto.c. The fix for CVE-2018-20019 was incomplete.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

[debian-lts-announce] 20190131 [SECURITY] [DLA 1652-1] libvncserver security update

mailing-list

x_refsource_MLIST

https://github.com/LibVNC/libvncserver/commit/a64c3b37af9a6c8f8009d7516874b8d266b42bae

x_refsource_MISC

https://github.com/LibVNC/libvncserver/commit/e34bcbb759ca5bef85809967a268fdf214c1ad2c

x_refsource_MISC

https://github.com/LibVNC/libvncserver/issues/273

x_refsource_MISC

https://github.com/LibVNC/libvncserver/commit/c5ba3fee85a7ecbbca1df5ffd46d32b92757bc2a

x_refsource_MISC

https://github.com/LibVNC/libvncserver/commit/c2c4b81e6cb3b485fb1ec7ba9e7defeb889f6ba7

x_refsource_MISC

USN-3877-1

vendor-advisory

x_refsource_UBUNTU

https://www.openwall.com/lists/oss-security/2018/12/10/8

x_refsource_MISC

[debian-lts-announce] 20191030 [SECURITY] [DLA 1979-1] italc security update

mailing-list

x_refsource_MLIST

USN-4547-1

vendor-advisory

x_refsource_UBUNTU

USN-4587-1

vendor-advisory

x_refsource_UBUNTU

https://cert-portal.siemens.com/productcert/pdf/ssa-390195.pdf

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2018-20748

Description

Affected Products

References