SUSE Package Hub - SUSE-SLE-Module-Packagehub-Subpackages-15-SP2-2020-1873

Update Info

SUSE-SLE-Module-Packagehub-Subpackages-15-SP2-2020-1873

Security update for LibVNCServer

Type: security

Severity: important

Issued: 2020-07-07

Description:

This update for LibVNCServer fixes the following issues:

- CVE-2017-18922: Fixed an issue which could have allowed to an attacker to pre-auth overwrite a function pointer 
  which subsequently used leading to potential remote code execution (bsc#1173477).

References

CVE: CVE-2017-18922
Bugzilla: 1173477 VUL-0: CVE-2017-18922: LibVNCServer: preauth buffer overwrite

Packages

LibVNCServer-0.9.10-4.19.1