Integer overflow in the MallocFrameBuffer function in vncviewer.c in LibVNCServer 0.9.9 and earlier allows remote VNC servers to cause a denial of service (crash) and possibly execute arbitrary code via an advertisement for a large screen size, which triggers a heap-based buffer overflow.
Metrics
Affected Vendors & Products
Advisories
Source | ID | Title |
---|---|---|
![]() |
DLA-197-1 | libvncserver security update |
![]() |
DLA-1979-1 | italc security update |
![]() |
DSA-3081-1 | libvncserver security update |
![]() |
EUVD-2014-5939 | Integer overflow in the MallocFrameBuffer function in vncviewer.c in LibVNCServer 0.9.9 and earlier allows remote VNC servers to cause a denial of service (crash) and possibly execute arbitrary code via an advertisement for a large screen size, which triggers a heap-based buffer overflow. |
![]() |
USN-2365-1 | LibVNCServer vulnerabilities |
![]() |
USN-4587-1 | iTALC vulnerabilities |
Fixes
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
References
History
Sun, 13 Jul 2025 13:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
epss
|
epss
|

Status: PUBLISHED
Assigner: mitre
Published:
Updated: 2024-08-06T12:03:02.339Z
Reserved: 2014-09-01T00:00:00
Link: CVE-2014-6051

No data.

Status : Deferred
Published: 2014-09-30T16:55:07.010
Modified: 2025-04-12T10:46:40.837
Link: CVE-2014-6051


No data.