An issue was discovered in LibVNCServer before 0.9.13. libvncclient/rfbproto.c does not limit TextChat size.
References
Link | Resource |
---|---|
https://github.com/LibVNC/libvncserver/commit/8937203441ee241c4ace85da687b7d6633a12365 | Patch Third Party Advisory |
https://github.com/LibVNC/libvncserver/compare/LibVNCServer-0.9.12...LibVNCServer-0.9.13 | Release Notes Third Party Advisory |
https://lists.debian.org/debian-lts-announce/2020/06/msg00035.html | Mailing List Third Party Advisory |
https://usn.ubuntu.com/4434-1/ | Third Party Advisory |
https://lists.debian.org/debian-lts-announce/2020/08/msg00045.html | Mailing List Third Party Advisory |
https://cert-portal.siemens.com/productcert/pdf/ssa-390195.pdf | Patch Third Party Advisory |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
AND |
|
Configuration 5 (hide)
AND |
|
Configuration 6 (hide)
AND |
|
Configuration 7 (hide)
AND |
|
Configuration 8 (hide)
AND |
|
Configuration 9 (hide)
AND |
|
Information
Published : 2020-06-17 09:15
Updated : 2022-03-09 14:18
NVD link : CVE-2020-14405
Mitre link : CVE-2020-14405
JSON object : View
CWE
CWE-770
Allocation of Resources Without Limits or Throttling
Products Affected
libvnc_project
- libvncserver
siemens
- simatic_itc2200_pro
- simatic_itc1900_pro
- simatic_itc2200_pro_firmware
- simatic_itc2200
- simatic_itc1500_firmware
- simatic_itc1500
- simatic_itc1500_pro
- simatic_itc1900_firmware
- simatic_itc2200_firmware
- simatic_itc1500_pro_firmware
- simatic_itc1900
- simatic_itc1900_pro_firmware
canonical
- ubuntu_linux
debian
- debian_linux