An issue was discovered in LibVNCServer before 0.9.13. There is an information leak (of uninitialized memory contents) in the libvncclient/rfbproto.c ConnectToRFBRepeater function.
The product does not initialize a critical resource.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Libvncserver | Libvnc_project | * | 0.9.12 (including) |
Red Hat Enterprise Linux 8 | RedHat | libvncserver-0:0.9.11-17.el8 | * |
Libvncserver | Ubuntu | bionic | * |
Libvncserver | Ubuntu | eoan | * |
Libvncserver | Ubuntu | trusty | * |
Libvncserver | Ubuntu | xenial | * |
Veyon | Ubuntu | eoan | * |
Veyon | Ubuntu | groovy | * |
Veyon | Ubuntu | hirsute | * |
Veyon | Ubuntu | impish | * |
Veyon | Ubuntu | kinetic | * |
Veyon | Ubuntu | lunar | * |
Veyon | Ubuntu | mantic | * |
Veyon | Ubuntu | trusty | * |
Vino | Ubuntu | trusty | * |
X11vnc | Ubuntu | bionic | * |
X11vnc | Ubuntu | eoan | * |
X11vnc | Ubuntu | groovy | * |
X11vnc | Ubuntu | hirsute | * |
X11vnc | Ubuntu | impish | * |
X11vnc | Ubuntu | kinetic | * |
X11vnc | Ubuntu | lunar | * |
X11vnc | Ubuntu | mantic | * |
X11vnc | Ubuntu | trusty | * |
X11vnc | Ubuntu | trusty/esm | * |
X11vnc | Ubuntu | xenial | * |