CVE-2016-9941

Heap-based buffer overflow in rfbproto.c in LibVNCClient in LibVNCServer before 0.9.11 allows remote servers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted FramebufferUpdate message containing a subrectangle outside of the client drawing area.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 74%
VendorProductVersion
libvncserver_projectlibvncserver
𝑥
≤ 0.9.10
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
libvncserver
bullseye
0.9.13+dfsg-2+deb11u1
fixed
sid
0.9.14+dfsg-1
fixed
trixie
0.9.14+dfsg-1
fixed
bookworm
0.9.14+dfsg-1
fixed
veyon
bullseye
4.5.3+repack1-1
fixed
bookworm
4.7.5+repack1-1
fixed
sid
4.7.5+repack1-1.1
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
italc
focal
dne
bionic
not-affected
xenial
Fixed 1:2.0.2+dfsg1-4ubuntu0.1
released
trusty
dne
libvncserver
yakkety
Fixed 0.9.10+dfsg-3ubuntu0.16.10.1
released
xenial
Fixed 0.9.10+dfsg-3ubuntu0.16.04.1
released
trusty
Fixed 0.9.9+dfsg-1ubuntu1.2
released
precise
Fixed 0.9.8.2-2ubuntu1.2
released
Common Weakness Enumeration
References
http://www.debian.org/security/2017/dsa-3753
http://www.securityfocus.com/bid/95170
https://github.com/LibVNC/libvncserver/pull/137
https://github.com/LibVNC/libvncserver/releases/tag/LibVNCServer-0.9.11
https://lists.debian.org/debian-lts-announce/2019/10/msg00042.html
https://security.gentoo.org/glsa/201702-24
https://usn.ubuntu.com/4587-1/
http://www.debian.org/security/2017/dsa-3753
http://www.securityfocus.com/bid/95170
https://github.com/LibVNC/libvncserver/pull/137
https://github.com/LibVNC/libvncserver/releases/tag/LibVNCServer-0.9.11
https://lists.debian.org/debian-lts-announce/2019/10/msg00042.html
https://security.gentoo.org/glsa/201702-24
https://usn.ubuntu.com/4587-1/