3.5
CVE-2011-0905
- EPSS 1.5%
- Veröffentlicht 10.05.2011 18:55:01
- Zuletzt bearbeitet 16.06.2026 23:28:17
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
The rfbSendFramebufferUpdate function in server/libvncserver/rfbserver.c in vino-server in Vino 2.x before 2.28.3, 2.32.x before 2.32.2, 3.0.x before 3.0.2, and 3.1.x before 3.1.1, when tight encoding is used, allows remote authenticated users to cause a denial of service (daemon crash) via crafted dimensions in a framebuffer update request that triggers an out-of-bounds read operation.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
David King ≫ Vino Version2.10
David King ≫ Vino Version2.11
David King ≫ Vino Version2.12
David King ≫ Vino Version2.13
David King ≫ Vino Version2.13.5
David King ≫ Vino Version2.14
David King ≫ Vino Version2.15
David King ≫ Vino Version2.16
David King ≫ Vino Version2.17
David King ≫ Vino Version2.17.2
David King ≫ Vino Version2.17.4
David King ≫ Vino Version2.17.5
David King ≫ Vino Version2.17.92
David King ≫ Vino Version2.18
David King ≫ Vino Version2.18.1
David King ≫ Vino Version2.19
David King ≫ Vino Version2.19.5
David King ≫ Vino Version2.19.90
David King ≫ Vino Version2.19.92
David King ≫ Vino Version2.20
David King ≫ Vino Version2.20.1
David King ≫ Vino Version2.21
David King ≫ Vino Version2.21.1
David King ≫ Vino Version2.21.2
David King ≫ Vino Version2.21.3
David King ≫ Vino Version2.21.90
David King ≫ Vino Version2.21.91
David King ≫ Vino Version2.21.92
David King ≫ Vino Version2.22
David King ≫ Vino Version2.22.1
David King ≫ Vino Version2.22.2
David King ≫ Vino Version2.23
David King ≫ Vino Version2.23.5
David King ≫ Vino Version2.23.90
David King ≫ Vino Version2.23.91
David King ≫ Vino Version2.23.92
David King ≫ Vino Version2.24
David King ≫ Vino Version2.24.1
David King ≫ Vino Version2.25
David King ≫ Vino Version2.25.3
David King ≫ Vino Version2.25.4
David King ≫ Vino Version2.25.5
David King ≫ Vino Version2.25.90
David King ≫ Vino Version2.25.91
David King ≫ Vino Version2.25.92
David King ≫ Vino Version2.26
David King ≫ Vino Version2.26.1
David King ≫ Vino Version2.26.2
David King ≫ Vino Version2.27
David King ≫ Vino Version2.27.5
David King ≫ Vino Version2.27.90
David King ≫ Vino Version2.27.91
David King ≫ Vino Version2.27.92
David King ≫ Vino Version2.28
David King ≫ Vino Version2.28.1
David King ≫ Vino Version2.28.2
David King ≫ Vino Version2.32.0
David King ≫ Vino Version2.32.1
David King ≫ Vino Version3.0.0
David King ≫ Vino Version3.0.1
David King ≫ Vino Version3.1
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.5% | 0.708 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 3.5 | 6.8 | 2.9 |
AV:N/AC:M/Au:S/C:N/I:N/A:P
|
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.
http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html
http://ftp.gnome.org/pub/GNOME/sources/vino/2.28/vino-2.28.3.news
http://ftp.gnome.org/pub/GNOME/sources/vino/2.32/vino-2.32.2.news
http://ftp.gnome.org/pub/GNOME/sources/vino/3.0/vino-3.0.2.news
http://git.gnome.org/browse/vino/commit/?id=0c2c9175963fc56bf2af10e42867181332f96ce0
http://git.gnome.org/browse/vino/commit/?id=456dadbb5c5971d3448763a44c05b9ad033e522f
http://git.gnome.org/browse/vino/commit/?id=8beefcf7792d343c10c919ee0c928c81f73b1279
http://git.gnome.org/browse/vino/commit/?id=d050a22b1c284b633c407ef92fde95c47e8fdb8a
http://git.gnome.org/browse/vino/commit/?id=dff52694a384fe95195f2211254026b752d63ec4
http://git.gnome.org/browse/vino/commit/?id=e17bd4e369f90748654e31a4867211dc7610975d
http://git.gnome.org/browse/vino/log/?h=gnome-2-30
http://git.gnome.org/browse/vino/tree/NEWS
http://rhn.redhat.com/errata/RHSA-2013-0169.html
http://secunia.com/advisories/44410
http://secunia.com/advisories/44463
http://www.debian.org/security/2011/dsa-2238
http://www.mandriva.com/security/advisories?name=MDVSA-2011:087
http://www.securityfocus.com/bid/47681
http://www.ubuntu.com/usn/usn-1128-1/
http://www.vupen.com/english/advisories/2011/1144
https://bugzilla.gnome.org/show_bug.cgi?id=641803
https://bugzilla.redhat.com/show_bug.cgi?id=694456
https://exchange.xforce.ibmcloud.com/vulnerabilities/67244