[Git][security-tracker-team/security-tracker][master] Add CVE-2018-6307/libvncserver
Salvatore Bonaccorso
carnil at debian.org
Fri Dec 21 06:32:05 GMT 2018
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
5fc747c9 by Salvatore Bonaccorso at 2018-12-21T06:31:50Z
Add CVE-2018-6307/libvncserver
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -44016,7 +44016,10 @@ CVE-2018-6309
CVE-2018-6308 (Multiple SQL injections exist in SugarCRM Community Edition 6.5.26 and ...)
NOT-FOR-US: SugarCRM
CVE-2018-6307 (LibVNC before commit ca2a5ac02fbbadd0a21fabba779c1ea69173d10b contains ...)
- TODO: check
+ - libvncserver <unfixed> (bug #916941)
+ NOTE: https://github.com/LibVNC/libvncserver/issues/241
+ NOTE: https://github.com/LibVNC/libvncserver/commit/ca2a5ac02fbbadd0a21fabba779c1ea69173d10b
+ NOTE: https://ics-cert.kaspersky.com/advisories/klcert-advisories/2018/12/19/klcert-18-026-libvnc-heap-use-after-free/
CVE-2018-6306 (Unauthorized code execution from specific DLL and is known as DLL ...)
NOT-FOR-US: Kaspersky Password Manager
CVE-2018-6305 (Denial of service in Gemalto's Sentinel LDK RTE version before 7.65 ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/5fc747c996b0bc6f5cf65ac7ee0db70ad75b920e
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/5fc747c996b0bc6f5cf65ac7ee0db70ad75b920e
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20181221/2547ce3b/attachment.html>
More information about the debian-security-tracker-commits
mailing list