SUSE-SU-2017:0104-1 -- SLES LibVNCServerID: oval:org.secpod.oval:def:89044667 | Date: (C)2021-07-07 (M)2022-10-10 |
Class: PATCH | Family: unix |
LibVNCServer was updated to fix two security issues. These security issues were fixed: - CVE-2016-9941: Heap-based buffer overflow in rfbproto.c allowed remote servers to cause a denial of service or possibly execute arbitrary code via a crafted FramebufferUpdate message containing a subrectangle outside of the client drawing area - CVE-2016-9942: Heap-based buffer overflow in ultra.c allowed remote servers to cause a denial of service or possibly execute arbitrary code via a crafted FramebufferUpdate message with the Ultra type tile, such that the LZO payload decompressed length exceeds what is specified by the tile dimensions
Platform: |
SUSE Linux Enterprise Server 11 SP4 |