LibVNCServer.rfbFileTransfer.Heap.Buffer.Overflow
Description
This indicates an attack attempt to exploit a Buffer Overflow vulnerability in LibVNCserver LibVNCClient.
The vulnerability is a result of an improper validation of RFB File Transfer requests. It may allow a remote attacker to execute arbitrary code within the context of the VNC Server, via a crafted packet.
Affected Products
LibVNCServer Development Team LibVNCServer prior to commit 502821828ed00b4a2c4bef90683d0fd88ce495de
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Apply patch available from the vendor:
https://github.com/LibVNC/libvncserver/commit/502821828ed00b4a2c4bef90683d0fd88ce495de
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |
Version Updates
Date | Version | Detail |
---|---|---|
2019-06-06 | 14.627 | Severity:high:critical |
2019-03-01 | 14.564 | Default_action:pass:drop |
2019-01-16 | 14.524 |