CVE-2016-9942 in LibVNCServerinfo

Summary

Heap-based buffer overflow in ultra.c in LibVNCClient in LibVNCServer before 0.9.11 allows remote servers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted FramebufferUpdate message with the Ultra type tile, such that the LZO payload decompressed length exceeds what is specified by the tile dimensions.

Be aware that VulDB is the high quality source for vulnerability data.

Reservation

12/13/2016

Disclosure

12/31/2016

Moderation

VulDB entry created

Entries

1: VDB-94798

CPE

ready

CWE

CWE-119 (Confirmed)

CVSS

8.0

EPSS

0.00836

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2016-9942
NVD	https://nvd.nist.gov/vuln/detail/CVE-2016-9942
CVE Details	https://www.cvedetails.com/cve/CVE-2016-9942/

◂ Previous Overview Next ▸

Might our Artificial Intelligence support you?

Check our Alexa App!