CVE-2018-15127
19.12.2018, 16:29
LibVNC before commit 502821828ed00b4a2c4bef90683d0fd88ce495de contains heap out-of-bound write vulnerability in server code of file transfer extension that can result remote code executionEnginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| libvnc_project | libvncserver | 𝑥 < 0.9.12 |
| canonical | ubuntu_linux | 14.04 |
| canonical | ubuntu_linux | 16.04 |
| canonical | ubuntu_linux | 18.04 |
| canonical | ubuntu_linux | 18.10 |
| redhat | enterprise_linux_desktop | 7.0 |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_server_aus | 7.6 |
| redhat | enterprise_linux_server_eus | 7.6 |
| redhat | enterprise_linux_server_tus | 7.6 |
| redhat | enterprise_linux_workstation | 7.0 |
| debian | debian_linux | 8.0 |
| debian | debian_linux | 9.0 |
𝑥
= Vulnerable software versions
Debian Releases
Ubuntu Releases
Ubuntu Product | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| italc |
| ||||||||||||
| libvncserver |
| ||||||||||||
| x11vnc |
|
openSUSE / SLES Releases
openSUSE Product | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| libvncclient0 |
| ||||||||||||||||||||||||||||||||||||
| libvncclient1 |
| ||||||||||||||||||||||||||||||||||||
| libvncserver0 |
| ||||||||||||||||||||||||||||||||||||
| libvncserver1 |
|
Red Hat Enterprise Linux Releases
Common Weakness Enumeration
References