ID CVE-2018-15127
Summary LibVNC before commit 502821828ed00b4a2c4bef90683d0fd88ce495de contains heap out-of-bound write vulnerability in server code of file transfer extension that can result remote code execution
References
Vulnerable Configurations
  • cpe:2.3:a:libvnc_project:libvncserver:*:*:*:*:*:*:*:*
    cpe:2.3:a:libvnc_project:libvncserver:*:*:*:*:*:*:*:*
  • cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
    cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
  • cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
    cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
  • cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
    cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
  • cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*
    cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
  • cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
    cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
  • cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
    cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
CVSS
Base: 7.5 (as of 23-10-2020 - 13:15)
Impact:
Exploitability:
CWE CWE-787
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:P/A:P
redhat via4
advisories
bugzilla
id 1661102
title CVE-2018-15127 libvncserver: Heap out-of-bounds write in rfbserver.c in rfbProcessFileTransferReadBuffer() allows for potential code execution
oval
OR
  • comment Red Hat Enterprise Linux must be installed
    oval oval:com.redhat.rhba:tst:20070304026
  • AND
    • comment Red Hat Enterprise Linux 7 is installed
      oval oval:com.redhat.rhba:tst:20150364027
    • OR
      • AND
        • comment libvncserver is earlier than 0:0.9.9-13.el7_6
          oval oval:com.redhat.rhsa:tst:20190059001
        • comment libvncserver is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20141826002
      • AND
        • comment libvncserver-devel is earlier than 0:0.9.9-13.el7_6
          oval oval:com.redhat.rhsa:tst:20190059003
        • comment libvncserver-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20141826004
rhsa
id RHSA-2019:0059
released 2019-01-15
severity Important
title RHSA-2019:0059: libvncserver security update (Important)
rpms
  • libvncserver-0:0.9.9-13.el7_6
  • libvncserver-debuginfo-0:0.9.9-13.el7_6
  • libvncserver-devel-0:0.9.9-13.el7_6
refmap via4
debian DSA-4383
misc https://ics-cert.kaspersky.com/advisories/klcert-advisories/2018/12/19/klcert-18-028-libvnc-heap-out-of-bound-write/
mlist
  • [debian-lts-announce] 20181227 [SECURITY] [DLA 1617-1] libvncserver security update
  • [debian-lts-announce] 20191030 [SECURITY] [DLA 1979-1] italc security update
ubuntu
  • USN-3877-1
  • USN-4547-1
  • USN-4587-1
Last major update 23-10-2020 - 13:15
Published 19-12-2018 - 16:29
Last modified 23-10-2020 - 13:15
Back to Top