CVE-2019-20788

Published: Apr 23, 2020

Modified: Aug 5, 2024

PUBLISHED

Description

libvncclient/cursor.c in LibVNCServer through 0.9.12 has a HandleCursorShape integer overflow and heap-based buffer overflow via a large height or width value. NOTE: this may overlap CVE-2019-15690.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://github.com/LibVNC/libvncserver/commit/54220248886b5001fbbb9fa73c4e1a2cb9413fed

x_refsource_MISC

openSUSE-SU-2020:0624

vendor-advisory

x_refsource_SUSE

USN-4407-1

vendor-advisory

x_refsource_UBUNTU

https://securitylab.github.com/advisories/GHSL-2020-064-libvnc-libvncclient

x_refsource_MISC

https://cert-portal.siemens.com/productcert/pdf/ssa-390195.pdf

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2019-20788

Description

Affected Products

References