CVE-2020-25708

A divide by zero issue was found to occur in libvncserver-0.9.12. A malicious client could use this flaw to send a specially crafted message that, when processed by the VNC server, would lead to a floating point exception, resulting in a denial of service.
References
Link Resource
https://bugzilla.redhat.com/show_bug.cgi?id=1896739 Exploit Issue Tracking Patch Third Party Advisory
https://lists.debian.org/debian-lts-announce/2022/09/msg00035.html Mailing List Third Party Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:libvncserver_project:libvncserver:0.9.12:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*

Configuration 3 (hide)

cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*

History

No history.

Information

Published : 2020-11-27 18:15

Updated : 2024-02-28 18:08


NVD link : CVE-2020-25708

Mitre link : CVE-2020-25708

CVE.ORG link : CVE-2020-25708


JSON object : View

Products Affected

libvncserver_project

  • libvncserver

debian

  • debian_linux

redhat

  • enterprise_linux
CWE
CWE-369

Divide By Zero