Home

CVE-2018-20020

Description

LibVNC before commit 7b1ef0ffc4815cab9a96c7278394152bdc89dc4d contains heap out-of-bound write vulnerability inside structure in VNC client code that can result remote code execution

Risk Information

Base Score
9.8
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
21.03

Associated Vulnerability

VulnerabilityOS Platform
vnc server library (USN-3171-1) libvncclient1_0.9.10+dfsg-3ubuntu0.16.04.3_i386.debLinux
vnc server library (USN-3171-1) libvncclient1_0.9.10+dfsg-3ubuntu0.16.04.3_amd64.debLinux
vnc server library (USN-3618-1) libvncserver0_0.9.9+dfsg-1ubuntu1.4_i386.debLinux
vnc server library (USN-3618-1) libvncserver0_0.9.9+dfsg-1ubuntu1.4_amd64.debLinux
vnc server library (USN-3618-1) libvncserver1_0.9.10+dfsg-3ubuntu0.16.04.3_i386.debLinux
vnc server library (USN-3618-1) libvncserver1_0.9.10+dfsg-3ubuntu0.16.04.3_amd64.debLinux
vnc server library (USN-3877-1) libvncclient1_0.9.11+dfsg-1ubuntu1.1_i386.debLinux
vnc server library (USN-3877-1) libvncclient1_0.9.11+dfsg-1ubuntu1.1_amd64.debLinux
vnc server library (USN-3877-1) libvncclient1_0.9.11+dfsg-1.1ubuntu0.1_i386.debLinux
vnc server library (USN-3877-1) libvncclient1_0.9.11+dfsg-1.1ubuntu0.1_amd64.debLinux
vnc server library (USN-3877-1) libvncclient1_0.9.10+dfsg-3ubuntu0.16.04.3_i386.debLinux
vnc server library (USN-3877-1) libvncclient1_0.9.10+dfsg-3ubuntu0.16.04.3_amd64.debLinux
vnc server library (USN-3877-1) libvncserver0_0.9.9+dfsg-1ubuntu1.4_i386.debLinux
vnc server library (USN-3877-1) libvncserver0_0.9.9+dfsg-1ubuntu1.4_amd64.debLinux
vnc server library (USN-3877-1) libvncserver1_0.9.11+dfsg-1ubuntu1.1_i386.debLinux
vnc server library (USN-3877-1) libvncserver1_0.9.11+dfsg-1ubuntu1.1_amd64.debLinux
vnc server library (USN-3877-1) libvncserver1_0.9.11+dfsg-1.1ubuntu0.1_i386.debLinux
vnc server library (USN-3877-1) libvncserver1_0.9.11+dfsg-1.1ubuntu0.1_amd64.debLinux
vnc server library (USN-3877-1) libvncserver1_0.9.10+dfsg-3ubuntu0.16.04.3_i386.debLinux
vnc server library (USN-3877-1) libvncserver1_0.9.10+dfsg-3ubuntu0.16.04.3_amd64.debLinux
SUSE-SU-2019:13927-1(SUSE Linux Enterprise Server 11-SP4 ) LibVNCServer-0.9.1-160.6.1.i586.rpmLinux
SUSE-SU-2019:13927-1(SUSE Linux Enterprise Server 11-SP4 ) LibVNCServer-0.9.1-160.6.1.x86_64.rpmLinux
didact tool which allows teachers to view and control computer labs (USN-4547-1) italc-client_3.0.3+dfsg1-3ubuntu0.1_i386.debLinux
didact tool which allows teachers to view and control computer labs (USN-4547-1) italc-client_3.0.3+dfsg1-3ubuntu0.1_amd64.debLinux
didact tool which allows teachers to view and control computer labs (USN-4547-1) italc-master_3.0.3+dfsg1-3ubuntu0.1_i386.debLinux
didact tool which allows teachers to view and control computer labs (USN-4547-1) italc-master_3.0.3+dfsg1-3ubuntu0.1_amd64.debLinux
didact tool which allows teachers to view and control computer labs (USN-4547-1) libitalccore_3.0.3+dfsg1-3ubuntu0.1_i386.debLinux
didact tool which allows teachers to view and control computer labs (USN-4547-1) libitalccore_3.0.3+dfsg1-3ubuntu0.1_amd64.debLinux
didact tool which allows teachers to view and control computer labs (USN-4587-1) italc-client_2.0.2+dfsg1-4ubuntu0.1_i386.debLinux
didact tool which allows teachers to view and control computer labs (USN-4587-1) italc-client_2.0.2+dfsg1-4ubuntu0.1_amd64.debLinux
didact tool which allows teachers to view and control computer labs (USN-4587-1) italc-master_2.0.2+dfsg1-4ubuntu0.1_i386.debLinux
didact tool which allows teachers to view and control computer labs (USN-4587-1) italc-master_2.0.2+dfsg1-4ubuntu0.1_amd64.debLinux
didact tool which allows teachers to view and control computer labs (USN-4587-1) libitalccore_2.0.2+dfsg1-4ubuntu0.1_i386.debLinux
didact tool which allows teachers to view and control computer labs (USN-4587-1) libitalccore_2.0.2+dfsg1-4ubuntu0.1_amd64.debLinux
Enhanced TightVNC viewer with SSL/SSH tunnel helper (USN-4547-2) ssvnc_1.0.29-2+deb8u1build0.16.04.1_i386.debLinux
Enhanced TightVNC viewer with SSL/SSH tunnel helper (USN-4547-2) ssvnc_1.0.29-2+deb8u1build0.16.04.1_amd64.debLinux

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234