N/A

LibVNCServer 0.9.12 release and earlier contains heap buffer overflow vulnerability within the HandleCursorShape() function in libvncclient/cursor.c. An attacker sends cursor shapes with specially crafted dimensions, which can result in remote code execution.

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

堆缓冲区溢出

LibVNCServer 安全漏洞

LibVNCServer是一款支持在程序中实现VNC（虚拟网络计算）服务器或客户端功能的跨平台C语言库。 LibVNCServer 中存在安全漏洞。漏洞的存在是由于边界错误。远程攻击者可以触发基于堆的缓冲区溢出，并在目标系统上执行任意代码。

N/A

N/A