CVE-2016-9942

Heap-based buffer overflow in ultra.c in LibVNCClient in LibVNCServer before 0.9.11 allows remote servers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted FramebufferUpdate message with the Ultra type tile, such that the LZO payload decompressed length exceeds what is specified by the tile dimensions.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:a:libvncserver_project:libvncserver:0.9.10:*:*:*:*:*:*:*

Information

Published : 2016-12-31 10:59

Updated : 2020-10-23 06:15


NVD link : CVE-2016-9942

Mitre link : CVE-2016-9942


JSON object : View

CWE
CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

Advertisement

dedicated server usa

Products Affected

libvncserver_project

  • libvncserver