Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
LibVNCServer UltraZip Encoding Heap Out-of-bounds Read
Vulnerability Description
LibVNCServer versions 0.9.15 and prior (fixed in commit 009008e) contain a heap out-of-bounds read vulnerability in the UltraZip encoding handler that allows a malicious VNC server to cause information disclosure or application crash. Attackers can exploit improper bounds checking in the HandleUltraZipBPP() function by manipulating subrectangle header counts to read beyond the allocated heap buffer.
CVSS Information
N/A
Vulnerability Type
跨界内存读
Vulnerability Title
LibVNCServer 缓冲区错误漏洞
Vulnerability Description
LibVNCServer是LibVNC开源的一款支持在程序中实现VNC(虚拟网络计算)服务器或客户端功能的跨平台C语言库。 LibVNCServer 0.9.15及之前版本存在缓冲区错误漏洞,该漏洞源于UltraZip编码处理程序中存在堆越界读取,可能导致信息泄露或应用程序崩溃。
CVSS Information
N/A
Vulnerability Type
N/A