FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

libvncserver -- multiple buffer overflows

Affected packages
libvncserver < 0.9.11

Details

VuXML ID 64be967a-d379-11e6-a071-001e67f15f5a
Discovery 2016-11-24
Entry 2017-01-09

libvnc server reports:

Two unrelated buffer overflows can be used by a malicious server to overwrite parts of the heap and crash the client (or possibly execute arbitrary code).

[source]

References

CVE Name CVE-2016-9941
CVE Name CVE-2016-9942
FreeBSD PR ports/215805
URL https://github.com/LibVNC/libvncserver/pull/137

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.