libVNC.LibVNCClient.CoRRE.Buffer.Overflow
Description
This indicates an attack attempt against a Buffer Overflow vulnerability in LibVNCClient.
A remote attacker can exploit this vulnerability by sending a maliciously crafted RFB response to a client that uses libVNCClient library. At the worst case, successful exploitation may result in remote code execution.
Affected Products
LibVNCClient prior to commit 7b1ef0ffc4815cab9a96c7278394152bdc89dc4d
Impact
System Compromise: Remote attackers can gain control of vulnerable systems
Recommended Actions
Apply the latest patch from the vendor:
https://github.com/LibVNC/libvncserver/commit/09f2f3fb6a5a163e453e5c2979054670c39694bc
https://github.com/LibVNC/libvncserver/commit/7b1ef0ffc4815cab9a96c7278394152bdc89dc4d
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |
Version Updates
Date | Version | Detail |
---|---|---|
2019-06-06 | 14.627 | Severity:high:critical |
2019-03-12 | 14.571 | Default_action:pass:drop |
2019-02-07 | 14.544 |