CVE-2011-0905

Related Files

Red Hat Security Advisory 2013-0169-01

Posted Jan 23, 2013

Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0169-01 - Vino is a Virtual Network Computing server for GNOME. It allows remote users to connect to a running GNOME session using VNC. It was found that Vino transmitted all clipboard activity on the system running Vino to all clients connected to port 5900, even those who had not authenticated. A remote attacker who is able to access port 5900 on a system running Vino could use this flaw to read clipboard data without authenticating. Two out-of-bounds memory read flaws were found in the way Vino processed client framebuffer requests in certain encodings. An authenticated client could use these flaws to send a specially-crafted request to Vino, causing it to crash.

tags | advisory, remote

systems | linux, redhat

advisories | CVE-2011-0904, CVE-2011-0905, CVE-2011-1164, CVE-2011-1165, CVE-2012-4429

SHA-256 | 709d44a326fa0d3994ae28eeedadf167461a56201a46fc7ea3ccc58537ada91c

Download | Favorite | View

Debian Security Advisory 2238-1

Posted May 20, 2011

Authored by Debian | Site debian.org

Debian Linux Security Advisory 2238-1 - Kevin Chen discovered that incorrect processing of framebuffer requests in the Vino VNC server could lead to denial of service.

tags | advisory, denial of service

systems | linux, debian

advisories | CVE-2011-0904, CVE-2011-0905

SHA-256 | 762e8c4f2a7429d7a006ec98826a518cee1f681808fcb98fe4d3c053db743f00

Download | Favorite | View

Mandriva Linux Security Advisory 2011-087

Posted May 16, 2011

Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-087 - The rfbSendFramebufferUpdate function in server/libvncserver/rfbserver.c in vino-server in Vino 2.x before 2.28.3, 2.32.x before 2.32.2, 3.0.x before 3.0.2, and 3.1.x before 3.1.1, when raw encoding is used, allows remote authenticated users to cause a denial of service X position or Y position value in a framebuffer update request that triggers an out-of-bounds memory access, related to the rfbTranslateNone and rfbSendRectEncodingRaw functions. The rfbSendFramebufferUpdate function in server/libvncserver/rfbserver.c in vino-server in Vino 2.x before 2.28.3, 2.32.x before 2.32.2, 3.0.x before 3.0.2, and 3.1.x before 3.1.1, when tight encoding is used, allows remote authenticated users to cause a denial of service via crafted dimensions in a framebuffer update request that triggers an out-of-bounds read operation. The updated packages have been upgraded to 2.28.3 which is not vulnerable to these issues.

tags | advisory, remote, denial of service

systems | linux, mandriva

advisories | CVE-2011-0904, CVE-2011-0905

SHA-256 | 071cbada81358e2a216406d81427278602a3d81ce6f686ff9d33a09a53583363

Download | Favorite | View

Ubuntu Security Notice USN-1128-1

Posted May 3, 2011

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1128-1 - Kevin Chen discovered that Vino incorrectly handled certain client framebuffer requests. A remote attacker could use this flaw to cause Vino to crash, leading to a denial of service.

tags | advisory, remote, denial of service

systems | linux, ubuntu

advisories | CVE-2011-0904, CVE-2011-0905

SHA-256 | fca3394ce9f2f0b40dffc19c7f0227e7f88d5765a3d7d309cff829797dea9fce

Download | Favorite | View