An issue was discovered in LibVNCServer before 0.9.13. libvncclient/tls_openssl.c has a NULL pointer dereference.
References
Link | Resource |
---|---|
https://github.com/LibVNC/libvncserver/compare/LibVNCServer-0.9.12...LibVNCServer-0.9.13 | Release Notes Third Party Advisory |
https://github.com/LibVNC/libvncserver/commit/33441d90a506d5f3ae9388f2752901227e430553 | Patch Third Party Advisory |
https://usn.ubuntu.com/4434-1/ | Third Party Advisory |
https://cert-portal.siemens.com/productcert/pdf/ssa-390195.pdf | Patch Third Party Advisory |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
AND |
|
Configuration 5 (hide)
AND |
|
Configuration 6 (hide)
AND |
|
Configuration 7 (hide)
AND |
|
Configuration 8 (hide)
AND |
|
Configuration 9 (hide)
AND |
|
Information
Published : 2020-06-17 09:15
Updated : 2022-03-10 07:15
NVD link : CVE-2020-14396
Mitre link : CVE-2020-14396
JSON object : View
CWE
CWE-476
NULL Pointer Dereference
Products Affected
libvnc_project
- libvncserver
siemens
- simatic_itc2200_pro
- simatic_itc1900_pro
- simatic_itc2200_pro_firmware
- simatic_itc2200
- simatic_itc1500_firmware
- simatic_itc1500
- simatic_itc1500_pro
- simatic_itc1900_firmware
- simatic_itc2200_firmware
- simatic_itc1500_pro_firmware
- simatic_itc1900
- simatic_itc1900_pro_firmware
canonical
- ubuntu_linux
debian
- debian_linux