Integer overflow in the MallocFrameBuffer function in vncviewer.c in LibVNCServer 0.9.9 and earlier allows remote VNC servers to cause a denial of service (crash) and possibly execute arbitrary code via an advertisement for a large screen size, which triggers a heap-based buffer overflow.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Enterprise_linux_server_aus | Redhat | 6.5 (including) | 6.5 (including) |
Enterprise_linux_server_eus | Redhat | 6.5.z (including) | 6.5.z (including) |