An issue was discovered in LibVNCServer before 0.9.13. libvncserver/scale.c has a pixel_value integer overflow.
References
Link | Resource |
---|---|
https://github.com/LibVNC/libvncserver/commit/a6788d1da719ae006605b78d22f5a9f170b423af | Patch Third Party Advisory |
https://github.com/LibVNC/libvncserver/compare/LibVNCServer-0.9.12...LibVNCServer-0.9.13 | Release Notes Third Party Advisory |
https://lists.debian.org/debian-lts-announce/2020/06/msg00035.html | Mailing List Third Party Advisory |
http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00033.html | Mailing List Third Party Advisory |
http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00055.html | Mailing List Third Party Advisory |
http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00066.html | Mailing List Third Party Advisory |
https://usn.ubuntu.com/4434-1/ | Third Party Advisory |
https://lists.debian.org/debian-lts-announce/2020/08/msg00045.html | Mailing List Third Party Advisory |
https://cert-portal.siemens.com/productcert/pdf/ssa-390195.pdf | Patch Third Party Advisory |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
AND |
|
Configuration 5 (hide)
AND |
|
Configuration 6 (hide)
AND |
|
Configuration 7 (hide)
AND |
|
Configuration 8 (hide)
AND |
|
Configuration 9 (hide)
AND |
|
Information
Published : 2020-06-17 09:15
Updated : 2022-03-09 14:56
NVD link : CVE-2020-14401
Mitre link : CVE-2020-14401
JSON object : View
CWE
CWE-190
Integer Overflow or Wraparound
Products Affected
siemens
- simatic_itc2200_pro
- simatic_itc1900_pro
- simatic_itc2200
- simatic_itc1500_firmware
- simatic_itc2200_pro_firmware
- simatic_itc1500
- simatic_itc1500_pro
- simatic_itc1900_firmware
- simatic_itc2200_firmware
- simatic_itc1500_pro_firmware
- simatic_itc1900
- simatic_itc1900_pro_firmware
libvncserver_project
- libvncserver
opensuse
- leap
debian
- debian_linux