MGASA-2014-0173

See a problem?
Please try reporting it to the source first.

Source

https://advisories.mageia.org/MGASA-2014-0173.html

Import Source

https://advisories.mageia.org/MGASA-2014-0173.json

JSON Data

https://api.osv.dev/v1/vulns/MGASA-2014-0173

Related

CVE-2014-0011

Published

2014-04-15T18:25:29Z

Modified

2014-04-15T18:25:03Z

Summary

Updated tigervnc packages fix CVE-2014-0011

Details

Updated tigervnc packages fix security vulnerability:

A heap-based buffer overflow was found in the way vncviewer rendered certain screen images from a vnc server. If a user could be tricked into connecting to a malicious vnc server, it may cause the vncviewer to crash, or could possibly execute arbitrary code with the permissions of the user running it. This issue was due to an issue in the ZRLE_DECODE() function which performs RLE decoding (CVE-2014-0011).

References

Credits

- Mageia - COORDINATOR
- - https://wiki.mageia.org/en/Packages_Security_Team

Affected packages

Mageia:3 / tigervnc

Package

Name: tigervnc
Purl: pkg:rpm/mageia/tigervnc?distro=mageia-3

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.1.0-3.2.mga3

Ecosystem specific

{
    "section": "core"
}

Mageia:4 / tigervnc

Package

Name: tigervnc
Purl: pkg:rpm/mageia/tigervnc?distro=mageia-4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.3.0-2.1.mga4

Ecosystem specific

{
    "section": "core"
}