CVE-2016-9942

{"id": "CVE-2016-9942", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}]}, "published": "2016-12-31T18:59:00.180", "references": [{"url": "http://www.debian.org/security/2017/dsa-3753", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/95170", "source": "cve@mitre.org"}, {"url": "https://github.com/LibVNC/libvncserver/pull/137", "source": "cve@mitre.org"}, {"url": "https://github.com/LibVNC/libvncserver/releases/tag/LibVNCServer-0.9.11", "source": "cve@mitre.org"}, {"url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00042.html", "source": "cve@mitre.org"}, {"url": "https://security.gentoo.org/glsa/201702-24", "source": "cve@mitre.org"}, {"url": "https://usn.ubuntu.com/4587-1/", "source": "cve@mitre.org"}, {"url": "http://www.debian.org/security/2017/dsa-3753", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/95170", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://github.com/LibVNC/libvncserver/pull/137", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://github.com/LibVNC/libvncserver/releases/tag/LibVNCServer-0.9.11", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00042.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://security.gentoo.org/glsa/201702-24", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://usn.ubuntu.com/4587-1/", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-119"}]}], "descriptions": [{"lang": "en", "value": "Heap-based buffer overflow in ultra.c in LibVNCClient in LibVNCServer before 0.9.11 allows remote servers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted FramebufferUpdate message with the Ultra type tile, such that the LZO payload decompressed length exceeds what is specified by the tile dimensions."}, {"lang": "es", "value": "Desbordamiento de b\u00fafer basado en memoria din\u00e1mica en ultra.c en LibVNCClient en LibVNCServer en versiones anteriores a 0.9.11 permite a servidores remotos provocar una denegaci\u00f3n de servicio (ca\u00edda de aplicaci\u00f3n) o posiblemente ejecutar c\u00f3digo arbitrario a trav\u00e9s de un mensaje FramebufferUpdate manipulado con el t\u00edtulo de tipo Ultra, de manera que la longitud de la carga \u00fatil LZO descomprimida excede lo especificado por las dimensiones del azulejo."}], "lastModified": "2024-11-21T03:02:03.327", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:libvncserver_project:libvncserver:0.9.10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C6241012-4420-4432-B0C6-9450E091D14E"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}