[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244625

 
 

909

 
 

193379

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

RHSA-2017:2258-01 -- Redhat gtk-vnc

ID: oval:org.secpod.oval:def:502116Date: (C)2017-08-04   (M)2023-04-17
Class: PATCHFamily: unix




The gtk-vnc packages provide a VNC viewer widget for GTK. The gtk-vnc widget is built by using co-routines, which allows the widget to be completely asynchronous while remaining single-threaded. The following packages have been upgraded to a later upstream version: gtk-vnc . Security Fix: * It was found that gtk-vnc lacked proper bounds checking while processing messages using RRE, hextile, or copyrect encodings. A remote malicious VNC server could use this flaw to crash VNC viewers which are based on the gtk-vnc library. * An integer overflow flaw was found in gtk-vnc. A remote malicious VNC server could use this flaw to crash VNC viewers which are based on the gtk-vnc library. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.4 Release Notes linked from the References section.

Platform:
Red Hat Enterprise Linux 7
Product:
gtk-vnc
Reference:
RHSA-2017:2258-01
CVE-2017-5884
CVE-2017-5885
CVE    2
CVE-2017-5885
CVE-2017-5884
CPE    2
cpe:/o:redhat:enterprise_linux:7
cpe:/a:gnome:gtk-vnc

© SecPod Technologies