CVE-2018-7225

CVE-2018-7225

Name

CVE-2018-7225

Description

An issue was discovered in LibVNCServer through 0.9.11. rfbProcessClientNormalMessage() in rfbserver.c does not sanitize msg.cct.length, leading to access to uninitialized and potentially sensitive data or possibly unspecified other impact (e.g., an integer overflow) via specially crafted VNC packets.

NVD Severity

high

Other trackers

CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia

Mailing lists

oss-security, full-disclosure, bugtraq

Exploits

Exploit DB, Metasploit

Forges

GitHub (code, issues), Aports (code, issues)

Type	URI
Third Party Advisory	https://github.com/LibVNC/libvncserver/issues/218
Exploit	http://www.openwall.com/lists/oss-security/2018/02/18/1
Third Party Advisory	http://www.securityfocus.com/bid/103107
Mailing List	https://lists.debian.org/debian-lts-announce/2018/03/msg00035.html
Third Party Advisory	https://usn.ubuntu.com/3618-1/
Third Party Advisory	https://access.redhat.com/errata/RHSA-2018:1055
Third Party Advisory	https://www.debian.org/security/2018/dsa-4221
GENTOO	https://security.gentoo.org/glsa/201908-05
MLIST	https://lists.debian.org/debian-lts-announce/2019/10/msg00042.html
MLIST	https://lists.debian.org/debian-lts-announce/2019/11/msg00032.html
MLIST	https://lists.debian.org/debian-lts-announce/2019/12/msg00028.html
UBUNTU	https://usn.ubuntu.com/4547-1/
UBUNTU	https://usn.ubuntu.com/4573-1/
UBUNTU	https://usn.ubuntu.com/4587-1/

Type

URI

Third Party Advisory

https://github.com/LibVNC/libvncserver/issues/218

Exploit

http://www.openwall.com/lists/oss-security/2018/02/18/1

Third Party Advisory

http://www.securityfocus.com/bid/103107

Mailing List

https://lists.debian.org/debian-lts-announce/2018/03/msg00035.html

Third Party Advisory

https://usn.ubuntu.com/3618-1/

Third Party Advisory

https://access.redhat.com/errata/RHSA-2018:1055

Third Party Advisory

https://www.debian.org/security/2018/dsa-4221

GENTOO

https://security.gentoo.org/glsa/201908-05

MLIST

https://lists.debian.org/debian-lts-announce/2019/10/msg00042.html

MLIST

https://lists.debian.org/debian-lts-announce/2019/11/msg00032.html

MLIST

https://lists.debian.org/debian-lts-announce/2019/12/msg00028.html

UBUNTU

https://usn.ubuntu.com/4547-1/

UBUNTU

https://usn.ubuntu.com/4573-1/

UBUNTU

https://usn.ubuntu.com/4587-1/

CPE URI	Source package	Min version	Max version
`cpe:2.3:a:libvncserver_project:libvncserver::::::::`	libvncserver	>= None	<= 0.9.11

CPE URI

Source package

Min version

Max version

cpe:2.3:a:libvncserver_project:libvncserver:*:*:*:*:*:*:*:*

libvncserver

>= None

<= 0.9.11

Vulnerable and fixed packages

Source package	Branch	Version	Maintainer	Status
libvncserver	edge-community	0.9.11-r2	None	fixed
libvncserver	edge-community	0.9.11-r0	None	possibly vulnerable
libvncserver	3.22-community	0.9.11-r2	None	fixed
libvncserver	3.22-community	0.9.11-r0	None	possibly vulnerable
libvncserver	3.21-community	0.9.11-r2	None	fixed
libvncserver	3.20-community	0.9.11-r2	None	fixed
libvncserver	3.19-community	0.9.11-r2	None	fixed
libvncserver	3.18-community	0.9.11-r2	None	fixed
libvncserver	3.17-community	0.9.11-r2	None	fixed
libvncserver	3.11-main	0.9.11-r2	None	fixed
libvncserver	3.10-main	0.9.11-r2	None	fixed

Source package

Branch

Version

Maintainer

Status

libvncserver

edge-community

0.9.11-r2

None

fixed

libvncserver

edge-community