It was discovered that websockets.c in LibVNCServer prior to 0.9.12 did not properly decode certain WebSocket frames. A malicious attacker could exploit this by sending specially crafted WebSocket frames to a server, causing a heap-based buffer overflow.
2020-06-30T11:15:10.380
2024-11-21T03:21:16.067
Modified
CVSSv3.1: 9.8 (CRITICAL)
AV:N/AC:L/Au:N/C:P/I:P/A:P
10.0
6.4
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | libvncserver_project | libvncserver | < 0.9.12 | Yes |
| Operating System | canonical | ubuntu_linux | 16.04 | Yes |
| Operating System | canonical | ubuntu_linux | 18.04 | Yes |
| Operating System | canonical | ubuntu_linux | 19.10 | Yes |
| Operating System | canonical | ubuntu_linux | 20.04 | Yes |
| Operating System | opensuse | leap | 15.1 | Yes |
| Operating System | opensuse | leap | 15.2 | Yes |
| Operating System | fedoraproject | fedora | 31 | Yes |
| Operating System | fedoraproject | fedora | 32 | Yes |
| Operating System | siemens | simatic_itc1500_firmware | < 3.2.1.0 | Yes |
| Hardware | siemens | simatic_itc1500 | - | No |
| Operating System | siemens | simatic_itc1500_pro_firmware | < 3.2.1.0 | Yes |
| Hardware | siemens | simatic_itc1500_pro | - | No |
| Operating System | siemens | simatic_itc1900_firmware | < 3.2.1.0 | Yes |
| Hardware | siemens | simatic_itc1900 | - | No |
| Operating System | siemens | simatic_itc1900_pro_firmware | < 3.2.1.0 | Yes |
| Hardware | siemens | simatic_itc1900_pro | - | No |
| Operating System | siemens | simatic_itc2200_firmware | < 3.2.1.0 | Yes |
| Hardware | siemens | simatic_itc2200 | - | No |
| Operating System | siemens | simatic_itc2200_pro_firmware | < 3.2.1.0 | Yes |
| Hardware | siemens | simatic_itc2200_pro | - | No |